Kaspersky Antivirus cab heap overflow
| kaspersky-cab-heap-overflow (22497) |  High Risk |
Description:
Kaspersky Antivirus (KAV) is vulnerable to a heap overflow caused by a vulnerability when scanning cab files. A remote attacker could exploit this vulnerability to gain control of data and possibly gain full access to the system.
Consequences:
Gain Access
Remedy:
Upgrade to the latest version of Kaspersky Anti-Virus, available via regular database update. See References.
References:
- Full-Disclosure Mailing List, Mon Oct 03 2005 - 08:44:54 CDT: Kaspersky Antivirus Library Remote Heap Overflow.
- Kaspersky Lab Web site: Kaspersky Antivirus Software Products for Home Computer Security.
- BID-14998: Kaspersky Anti-Virus Library CAB Record Remote Heap Overflow Vulnerability
- CVE-2005-3142: Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
- OSVDB ID: 19850: Kaspersky Anti-Virus cab.ppl CAB Archive Handling Overflow
- SA17024: Kaspersky Anti-Virus CAB Archive Handling Buffer Overflow
- SECTRACK ID: 1014998: Kaspersky Anti-Virus Library Buffer Overflow in Processing CAB Files Lets Remote Users Execute Arbitrary Code
- VUPEN/ADV-2005-1934: Kaspersky Anti-Virus Products Remote Heap Overflow Vulnerability
Platforms Affected:
- Kaspersky Kaspersky Anti-Virus
Reported:
Oct 03, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net