CVE-2005-3142 — Improper Restriction of Operations within the Bounds of a Memory Buffer in LAB Kaspersky Anti-virus

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

21.2%

top 4.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Kaspersky LAB Kaspersky Anti-virus Kaspersky LAB Kaspersky Anti-virus Personal Kaspersky LAB Kaspersky Anti-virus Personal PRO +1 more

Timeline

PublishedOct 5

Latest updateMay 1

Description

Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages4 packages

▶NVDkaspersky_lab/kaspersky_personal_security_suite1.1

▶NVDkaspersky_lab/kaspersky_anti-virus_personal5.0

▶NVDkaspersky_lab/kaspersky_anti-virus_personal_pro5.0

▶NVDkaspersky_lab/kaspersky_anti-virus5.0

🔴Vulnerability Details

GHSA

GHSA-q9cp-34x4-jgw5: Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5↗2022-05-01

▶

CVEList

CVE-2005-3142: Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5↗2005-10-05

▶