Kaspersky Antivirus Engine ARJ Archive Remote Heap Overflow Vulnerability
BID:23346
Info
Kaspersky Antivirus Engine ARJ Archive Remote Heap Overflow Vulnerability
| Bugtraq ID: | 23346 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0445 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 06 2007 12:00AM |
| Updated: | Apr 09 2007 06:12PM |
| Credit: | An anonymous researcher is credited with the discovery of this vulnerability. |
| Vulnerable: |
Kaspersky Internet Security 6.0 |
| Not Vulnerable: |
Kaspersky Internet Security 6.0.Maintenance Pack Kaspersky Anti-Virus 6.0.Maintenance Pack |
Discussion
Kaspersky Antivirus Engine ARJ Archive Remote Heap Overflow Vulnerability
Kaspersky Anti-Virus Engine is prone to a remote heap-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to a buffer.
An attacker could leverage this issue to execute arbitrary code with SYSTEM-level privileges. A successful exploit could result in the complete compromise of affected computers.
Kaspersky Anti-Virus Engine is prone to a remote heap-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to a buffer.
An attacker could leverage this issue to execute arbitrary code with SYSTEM-level privileges. A successful exploit could result in the complete compromise of affected computers.
Exploit / POC
Kaspersky Antivirus Engine ARJ Archive Remote Heap Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Kaspersky Antivirus Engine ARJ Archive Remote Heap Overflow Vulnerability
Solution:
The vendor has released an update to address this issue; please see the references for more information.
Solution:
The vendor has released an update to address this issue; please see the references for more information.
References
Kaspersky Antivirus Engine ARJ Archive Remote Heap Overflow Vulnerability
References:
References:
- 3 vulnerabilities fixed in Kaspersky Anti-Virus for Workstation, File Server ver (Kaspersky)
- Kaspersky Anti-Virus 6.0, Kaspersky Internet Security 6.0 - 5 vulnerabilities fi (Kaspersky)
- Kaspersky Internet Security Product Page (Kaspersky Labs)
- ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow (ZDI Disclosures)
- ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow (Zero Day Initiative (ZDI))