Zemana Antilogger 1.9.2 DoS attack

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Zemana Antilogger 1.9.2 DoS attack
From: loginit@xxxxxxxxx
Date: 1 Jun 2009 18:18:52 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Severity: Critical
Title: Zemana Antilogger: Denial of Service
Date: May 30, 2009
Vers:1.9.2.102
ID: 200905-30
StreAmeR - 2009

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

A vulnerability has been discovered in Zemana Antilogger, allowing for a Denial
of Service.

Background
==========

Zemana AntiLogger has a new, powerful way to protect your PC from malware 
attacks.

Affected packages
=================
Vers:1.9.2.102 and old versions.

Description
===========
Attempts to terminate the process by sending Close messages (called WM_CLOSE 
and SC_CLOSE) to all windows in the target process. This method only works if 
1) the target process has at least one window, and 2) the target process 
doesn't handle the WM_CLOSE/SC_CLOSE message .


Impact
======

Attacker could send specially crafted messages to the windows of the target 
process,
resulting in a crash.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

No current solution.

Prev by Date: ZDI-09-024: Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability
Next by Date: [USN-778-1] cron vulnerability
Previous by thread: ZDI-09-024: Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability
Next by thread: [USN-778-1] cron vulnerability
Index(es):
- Date
- Thread