Heap-Based Buffer Overflow in Kaspersky Antivirus Products
CVE-2007-0445

Currently unrated

Key Information:

Vendor

kaspersky
Status
Kaspersky Anti-virus
Kaspersky Internet Security
Vendor
CVE Published:
6 April 2007

What is CVE-2007-0445?

A heap-based buffer overflow vulnerability exists in the arj.ppl module of the OnDemand Scanner in Kaspersky Anti-Virus and related products prior to Maintenance Pack 2 build 6.0.2.614. This flaw allows remote attackers to execute arbitrary code on affected systems by exploiting crafted ARJ archive files. A successful attack could lead to severe data breaches or system compromise, making it essential for users of these affected Kaspersky products to apply relevant updates and patches swiftly to mitigate potential risks.

References

http://www.zerodayinitiative.com/advisories/ZDI-07-013.html
x_refsource_MISC
http://secunia.com/advisories/24778
third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1017882
vdb-entryx_refsource_SECTRACK

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.