Test ID:	1.3.6.1.4.1.25623.1.0.804181
Category:	General
Title:	Quick Heal Antivirus Pro 'pepoly.dll' Stack Buffer Overflow Vulnerability
Summary:	Quick Heal Antivirus Pro is prone to stack buffer overflow vulnerability.
Description:	Summary: Quick Heal Antivirus Pro is prone to stack buffer overflow vulnerability. Vulnerability Insight: The flaw is due to improper bounds checking by the 'pepoly.dll' module. Vulnerability Impact: Successful exploitation will allow a local attacker to cause a stack-based buffer overflow, resulting in a denial of service or execution of arbitrary code. Affected Software/OS: Quick Heal AntiVirus Pro version 7.0.0.1 and probably other versions. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2013-6767 BugTraq ID: 64402 http://www.securityfocus.com/bid/64402 Bugtraq: 20131217 QuickHeal AntiVirus 7.0.0.1 - Stack Overflow Vulnerability (Google Search) http://seclists.org/bugtraq/2013/Dec/90 http://www.exploit-db.com/exploits/30374 http://packetstormsecurity.com/files/124477/QuickHeal-AntiVirus-7.0.0.1-Stack-Buffer-Overflow.html http://www.vulnerability-lab.com/get_content.php?id=1171 http://osvdb.org/101130
Copyright	Copyright (C) 2013 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.