VYPR
High severity7.8NVD Advisory· Published Jul 27, 2017· Updated Jun 17, 2026

CVE-2016-10402

CVE-2016-10402

Description

Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow.

Affected products

2
  • Avira/Antivirus2 versions
    cpe:2.3:a:avira:antivirus:*:*:*:*:*:windows:*:*+ 1 more
    • cpe:2.3:a:avira:antivirus:*:*:*:*:*:windows:*:*range: <=8.3.36.59
    • (no CPE)range: <8.3.36.60

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.