Test ID:	1.3.6.1.4.1.25623.1.0.811549
Category:	General
Title:	Quick Heal Anti-Virus Pro Multiple Vulnerabilities
Summary:	Quick Heal Anti-Virus Pro is prone to multiple vulnerabilities.
Description:	Summary: Quick Heal Anti-Virus Pro is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws exist due to: - The PE files in the default installation do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product. - A Memory Corruption error while parsing a malformed Mach-O file. - An Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. - A Memory Corruption error while parsing a malformed Mach-O file. Vulnerability Impact: Successful exploitation will allow remote attackers to gain Remote Code Execution as well as Privilege Escalation. Affected Software/OS: Quick Heal AntiVirus Pro 10.1.0.316 and prior. Solution: The vendor has released multiple patches to fix the vulnerability. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2017-8773 http://payatu.com/oob-write-heap-buffer-dwcompressionsize-ms-wim/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8774 http://payatu.com/quick-heal-internet-security-memory-corruption-vulnerability/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8775 http://payatu.com/quick-heal-internet-security-memory-corruption-vulnerability-2/ Common Vulnerability Exposure (CVE) ID: CVE-2017-8776 http://payatu.com/quick-heal-antivirus-protection-mechanism-failure-vulnerability/
Copyright	Copyright (C) 2017 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.