Heap-based Buffer Overflow in Kaspersky Anti-Virus Engine and Related Products
CVE-2005-3664

Currently unrated

Key Information:

Vendor

kaspersky
Status
Kaspersky Anti-virus
Kaspersky Anti-virus Personal
F-secure Anti-virus
Vendor
CVE Published:
18 November 2005

What is CVE-2005-3664?

A heap-based buffer overflow exists within the Kaspersky Anti-Virus Engine, utilized in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50. This vulnerability allows remote attackers to execute arbitrary code by delivering a specially crafted CHM file. The flaw can be exploited to compromise system integrity and confidentiality, making it crucial for users of the affected products to apply necessary security patches and updates promptly.

References

http://secunia.com/advisories/17130
third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/19913
vdb-entryx_refsource_OSVDB
http://www.idefense.com/application/poi/display?id=318&ty...
third-party-advisoryx_refsource_IDEFENSE

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.