Kaspersky Anti-Virus Buffer Overflow in Processing ARJ Archives Lets Remote Users Execute Arbitrary Code
|
|
SecurityTracker Alert ID: 1017882 |
|
SecurityTracker URL: http://securitytracker.com/id/1017882
|
|
CVE Reference:
CVE-2007-0445
(Links to External Site)
|
Date: Apr 6 2007
|
Impact:
Execution of arbitrary code via network, User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 6.0
|
Description:
A vulnerability was reported in Kaspersky Anti-Virus. A remote user can cause arbitrary code to be executed on the target system.
A remote user can create a specially crafted ARJ archive that, when processed by the target user or target application, will trigger a heap overflow and execute arbitrary code on the target system.
Kaspersky Anti-Virus for Workstations and Kaspersky Anti-Virus for File Server are also affected.
The vendor was notified on November 9, 2006.
TippingPoint reported this vulnerability.
The original advisory is available at:
http://www.zerodayinitiative.com/advisories/ZDI-07-013.html
|
Impact:
A remote user can create a file that, when processed by the target user or application, will execute arbitrary code.
|
Solution:
The vendor has issued a fixed version (Maintenance Pack, 2.0 build 6.0.2.614).
The Kaspersky advisories are available at:
http://www.kaspersky.com/technews?id=203038693
http://www.kaspersky.com/technews?id=203038694
|
Vendor URL: www.kaspersky.com/technews?id=203038694 (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 5 Apr 2007 23:01:50 -0400
Subject: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability
|
http://www.zerodayinitiative.com/advisories/ZDI-07-013.html
CVE-2007-0445
|
|
