[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Kaspersky Antivirus Remote Heap Overflow
From: list () rem0te ! com
Date: 2005-10-03 13:48:48
Message-ID: W4725616518134821128347328 () webmail2
[Download RAW message or body]
Date
October 3, 2005
Vulnerability
The Kaspersky Antivirus Library provides file format support for virus analysis. \
During analysis of cab files Kaspersky is vulnerable to a heap overflow allowing \
attackers complete control of the system(s) being protected. This vulnerability can \
be exploited remotely without user interaction in default configurations through \
common protocols such as SMTP, SMB, HTTP, and FTP.
Impact
Successful exploitation of Kaspersky protected systems allows attackers unauthorized \
control of data and related privileges. It also provides leverage for further network \
compromise. Kaspersky Antivirus Library implementations are likely vulnerable in \
their default configuration.
Affected Products
Due to the library's OS independent design and core functionality: it is likely this \
vulnerability affects a substantial portion of Kaspersky's gateway, server, and \
client antivirus enabled product lines on most platforms.
http://www.kaspersky.com/products
Note: Kaspersky's antivirus OEM product line is a program where vendors may license \
the vulnerable library. The following link is a list containing some of the Kaspersky \
partners with products also likely affected by this vulnerability. Refer to your \
vendor for specifics.
http://www.kaspersky.com/oemsuccess
Credit
This vulnerability was discovered and researched by Alex Wheeler.
Contact
security@rem0te.com
Advisory Details
http://www.rem0te.com/public/images/kaspersky.pdf
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic