BitDefender Antivirus Logging Function Format String Vulnerability

BitDefender Antivirus is a proprietary antivirus product for multiple platforms.

A format string vulnerability affects the logging functionality of BitDefender Antivirus. This issue is due to a failure of the application to properly sanitize user-supplied input prior to passing it as the format specifier to a formatted printing function.

A remote attacker may leverage this issue to write to arbitrary process memory, facilitating code execution and privilege escalation.

This issue was reported in BitDefender versions 7.2, 8, and 9 for Windows. Other versions and platforms may also be affected.
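The flaw class described above, contrasted with its corrected form, as an added example that is not BitDefender's code. The function names, the log prefix and the sample strings are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define LOG_LINE_MAX 256

/* Flawed pattern (hypothetical): the untrusted string is used AS the format,
 * so any conversion specifiers it contains are interpreted by snprintf. */
int log_event_unsafe(char *out, size_t outsz, const char *untrusted)
{
    return snprintf(out, outsz, untrusted);   /* BUG: data used as format */
}

/* Corrected pattern: the format is a constant string literal and the
 * untrusted text is passed only as an argument, so it is copied verbatim. */
int log_event_safe(char *out, size_t outsz, const char *untrusted)
{
    return snprintf(out, outsz, "scan event: %s", untrusted);
}

/* Review aid: count conversion specifiers in a string that is about to be
 * logged. A non-zero count in untrusted input is worth flagging. */
size_t count_format_specifiers(const char *s)
{
    size_t n = 0;
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') {   /* "%%" is a literal percent sign */
            s++;
            continue;
        }
        n++;
    }
    return n;
}

int main(void)
{
    char line[LOG_LINE_MAX];
    const char *sample = "%x%x%s.txt";   /* constructed sample input */

    log_event_safe(line, sizeof line, sample);
    printf("%s (specifiers seen: %zu)\n", line,
           count_format_specifiers(sample));
    return 0;
}
```

Compilers flag the flawed call when format checking is enabled (for GCC and Clang, `-Wformat -Wformat-security`), which makes this pattern easy to catch in a build.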


 

Copyright 2010, SecurityFocus