A load of new issues related to AV products have been published this month. Apparently fuzzing is becoming quite popular, as almost every issue is related to a file format parsing flaw:
- F-Prot Antivirus for Unix: heap overflow and Denial of Service
- [ GLSA 200612-12 ] F-PROT Antivirus: Multiple vulnerabilities
- iDefense Security Advisory 12.08.06: Sophos Antivirus CHM File Heap Overflow Vulnerability
- iDefense Security Advisory 12.08.06: Sophos Antivirus CHM Chunk Name Length Memory Corruption Vulnerability
- iDefense Security Advisory 12.08.06: Multiple Vendor Antivirus RAR File Denial of Service Vulnerability
- n.runs - NOD32 Antivirus CAB parsing Arbitrary Code Execution Advisory
- n.runs - NOD32 Antivirus DOC parsing Arbitrary Code Execution Advisory
- n.runs - BitDefender AV Packed PE File Parsing Engine Heap Overflow
AV engines are definitely a hot target for fuzzing. They have to handle many different archive and executable formats, and that is a great source of security issues (most commonly integer overflows and heap-based buffer overflows, and even some good old stack smashing fun).
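To show the kind of bug these advisories describe, here is an added, constructed example (not code from any of the products or advisories above): a chunk header carries an attacker-controlled 32-bit name length, the naive size computation wraps, and the hardened reader bounds the length against a format limit and the bytes actually present before allocating. The `chunk_header_t` layout and `MAX_NAME_LEN` are assumptions made for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed chunk header: the name length comes straight from the file
 * and must be treated as untrusted. Layout is assumed for this example. */
typedef struct {
    uint32_t name_len;   /* untrusted, read from the archive */
    const uint8_t *data; /* bytes following the header */
    size_t avail;        /* bytes actually present in the input buffer */
} chunk_header_t;

#define MAX_NAME_LEN 4096u /* assumed sane upper bound for this format */

/* Naive size computation: name_len + 1 wraps to 0 for 0xFFFFFFFF, so a
 * later malloc() would be far smaller than the memcpy() that follows it.
 * Only the computed size is returned, so the wrap itself is observable. */
uint32_t unsafe_alloc_size(uint32_t name_len) {
    return name_len + 1;
}

/* Hardened reader: reject absurd and truncated lengths before touching the
 * heap; the size_t arithmetic then cannot wrap (at most 4097). */
bool safe_read_name(const chunk_header_t *h, char **out) {
    *out = NULL;
    if (h->name_len > MAX_NAME_LEN) return false; /* format limit */
    if (h->name_len > h->avail) return false;     /* input is truncated */
    size_t n = (size_t)h->name_len + 1;
    char *buf = malloc(n);
    if (!buf) return false;
    memcpy(buf, h->data, h->name_len);
    buf[h->name_len] = '\0';
    *out = buf;
    return true;
}

/* Runs the reader over one constructed header and frees the result;
 * returns whether the header was accepted. */
bool try_header(uint32_t name_len, const uint8_t *data, size_t avail) {
    chunk_header_t h = { name_len, data, avail };
    char *name = NULL;
    bool ok = safe_read_name(&h, &name);
    free(name);
    return ok;
}
```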