Vulnerabilities > CVE-2007-0445 - Remote Heap Overflow vulnerability in Kaspersky Antivirus Engine ARJ Archive
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Nessus
| NASL family | Windows |
| NASL id | KASPERSKY_AV6_MULT_VULNS.NASL |
| description | The version of the Kaspersky antivirus product installed on the remote host may be affected by buffer overflow, privilege escalation, and information disclosure vulnerabilities, depending on the actual product installed. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 25021 |
| published | 2007-04-10 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/25021 |
| title | Kaspersky Anti-Virus < 6.0.2.614 Multiple Vulnerabilities |
Seebug
| bulletinFamily | exploit |
| description | CVE(CAN) ID: CVE-2007-0445 Kaspersky Antivirus是非常流行的杀毒软件。 Kaspersky Antivirus的杀毒引擎在处理ARJ文档格式时存在堆溢出漏洞,如果使用该引擎的杀毒软件扫描了恶意文档的话就会触发这个溢出,可能导致执行任意指令。 <*来源:ZDI (http://www.zerodayinitiative.com/) 链接:http://www.zerodayinitiative.com/advisories/ZDI-07-013.html http://www.kaspersky.com/technews?id=203038693 http://www.kaspersky.com/technews?id=203038694 http://secunia.com/advisories/24778/ *> Kaspersky Labs Kaspersky Antivirus 6.0 Kaspersky Labs Kaspersky Internet Security 6.0 Kaspersky Labs Kaspersky Antivirus 6.0.2.614 Kaspersky Labs Kaspersky Internet Security 6.0.2.614 厂商补丁: Kaspersky Labs -------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href="http://www.kaspersky.com/productupdates?chapter=186437046" target="_blank">http://www.kaspersky.com/productupdates?chapter=186437046</a> <a href="http://www.kaspersky.com/productupdates?chapter=186435857" target="_blank">http://www.kaspersky.com/productupdates?chapter=186435857</a> |
| id | SSV:1603 |
| last seen | 2017-11-19 |
| modified | 2007-04-07 |
| published | 2007-04-07 |
| reporter | Root |
| title | Kaspersky AntiVirus杀毒引擎ARJ文档解析堆溢出漏洞 |
References
- http://secunia.com/advisories/24778
- http://www.kaspersky.com/technews?id=203038693
- http://www.kaspersky.com/technews?id=203038694
- http://www.securityfocus.com/archive/1/464878/100/0/threaded
- http://www.securityfocus.com/bid/23346
- http://www.securitytracker.com/id?1017882
- http://www.securitytracker.com/id?1017883
- http://www.vupen.com/english/advisories/2007/1268
- http://www.zerodayinitiative.com/advisories/ZDI-07-013.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33489