Heap-based Buffer Overflow in Kaspersky Antivirus Products
CVE-2005-3142

Currently unrated

Key Information:

Vendor: kaspersky
Status: Kaspersky Anti-virus Personal Pro; Kaspersky Anti-virus Personal; Kaspersky Anti-virus; Kaspersky Personal Security Suite
Vendor: CVE Published:; 5 October 2005

Summary

A heap-based buffer overflow vulnerability exists in Kaspersky Antivirus 5.0 and Kaspersky Personal Security Suite 1.1. This flaw allows remote attackers to execute arbitrary code on the affected systems by sending specially crafted CAB files with oversized records following the header. Successful exploitation of this vulnerability could lead to unauthorized actions on the affected devices, underlining the importance of applying security updates promptly.

References

http://www.vupen.com/english/advisories/2005/1934

vdb-entryx_refsource_VUPEN

http://marc.info/?l=bugtraq&m=112837961522571&w=2

mailing-listx_refsource_BUGTRAQ

http://securityreason.com/securityalert/44

third-party-advisoryx_refsource_SREASON

EPSS Score

21% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 5, 2005
Vulnerability Reserved
Oct 5, 2005