Kaspersky Anti-Virus Engine ARJ – Archive Parsing Heap Overflow Vulnerability
| Kaspersky AntiVirus Engine can be exploited via a remote attack.Result: Hacker can execute arbitrary commands because of a unpatched vulnerability. |
| CyTRAP Labs security risk barometer | ||||
| low | elevated | moderately critical |
critical | severe |
| 1 | 2 | 3 | 4 | 5 |
| operating system affected | Windows, Linux, etc. |
| affected software | Kaspersky Anti-Virus Engine. |
| risk | 4 – criticalWhy – because user interaction is not required to exploit this vulnerability. |
| where is the patch? | There is a patch for this vulnerability available upgrade to version 6.0 .You may also right click the Kaspersky icon on your workstation and ask the program to check for the latest update.This will make sure the latest version is installed on the PC. |
| our recommendation | Download Kaspersky Anti-Virus for Workstation version 6.0 hereDownload Kaspersky Anti-Virus for Server version 6.0 here |
| what is the problem? | The specific flaw exists in the engine’s handling of the ARJ archive format.The Kaspersky anti-virus engine copies data from scanned archives into an unchecked heap-based buffer.
This results in heap corruption when a malformed ARJ archive is processed by an application that utilizes the engine. This corruption can be exploited to execute arbitrary code. |
| where can one get more details? | Get more details from 3 vulnerabilities fixed in Kaspersky Anti-Virus for Workstation, File Server version 6.0 |
| CVE-Nr | CVE-2007-0445 (under review – candidate) |
Why not get our new postings directly via e-mail, enter the address below:
