Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3142

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2005-3142
Last Modified 07 Mar 2011 09:25:52
Published 05 Oct 2005 05:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3142

Summary

Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.

Vulnerable Systems

Application

  • Kaspersky Lab Kaspersky Anti-virus 5.0

  • Kaspersky Lab Kaspersky Anti-virus Personal 5.0

  • Kaspersky Lab Kaspersky Anti-virus Personal Pro 5.0

  • Kaspersky Lab Kaspersky Personal Security Suite 1.1


References

XF - kaspersky-cab-heap-overflow(22497)

VUPEN - ADV-2005-1934

BID - 14998

MISC - http://www.rem0te.com/public/images/kaspersky.pdf

CONFIRM - http://www.kaspersky.com/news?id=171512144

SECTRACK - 1014998

SECUNIA - 17024

BUGTRAQ - 20051003 Kaspersky Antivirus Remote Heap Overflow

FULLDISC - 20051003 Kaspersky Antivirus Library Remote Heap Overflow

OSVDB - 19850

SREASON - 44


Last Updated: 27 May 2016 10:40:48