RSS News Feed News Feed XML News Feed

Home

A.P.B.

Designs

Virus

Exploits

Primers

Definitions

Movies

Police Forces

Home > Exploits > Software/Hardware > Kaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow Vulnerability

 

Vulnerability: Kaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow Vulnerability

CVE: CVE-2005-3664

Secunia Advisory: SA17130

Credit: Anonymous Researcher

Vulnerable: Kaspersky Personal Anti-Virus v.5.0.227, Kaspersky Anti-Virus On-Demand Scanner for Linux v.5.0.5, F-Secure Anti-Virus for Linux v.4.50

Patch: A vendor-supplied signature update is available

 

Due to a boundary error in Kaspersky's scan engine, a Denial of Service attack (DoS) or system compromise can occur.  A heap-based buffer overflow can occur when parsing a malformed CHM file.  This can lead to the execution of arbitrary code.  Kaspersky's scan engine will also stop scanning further files in Windows after encountering a corrupt CHM file.

 

 

Copyright (c) 2006-2008  A. Ryan Robbins.  All Rights Reserved.

 

 

Google
 
Web ycopfiles.com

 

 

Privacy

Copyright

About

Contact

Site Map

Blog Frog