Kaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow - Secunia Advisories - Vulnerability Intelligence

Home > Vulnerability Intelligence > Secunia Advisories > Kaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow

Secunia Advisories

Advisories

Advisories by Product

Business Solutions Restricted

Partner Solutions Restricted

About

Kaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow
Secunia Advisory:	SA17130	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2005-10-11
Last Update:	2005-12-07
Popularity:	9,650 views

Critical:	Highly critical
Impact:	DoS System access
Where:	From remote
Solution Status:	Vendor Patch

Software:	Kaspersky Anti-Virus 5.x

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2005-2937 CVE-2005-3664

Description: A vulnerability has been reported in Kaspersky Anti-Virus, which can be exploited by malicious people to cause a DoS (Denial of Service), or compromise a vulnerable system. The vulnerability is caused due to a boundary error in the scan engine when parsing a malformed CHM file. This can be exploited to cause a heap-based buffer overflow when a specially crafted CHM file is scanned. On Windows platforms, the anti-virus may fail to scan any other files after a malformed CHM file has been encountered. The vulnerability has been reported in the following versions: * Kaspersky Personal 5.0.227 * Kaspersky Anti-Virus On-Demand Scanner for Linux 5.0.5 Other products that use the Kaspersky Anti-Virus Engine may also be affected. Solution: The vulnerability has reportedly been fixed via a signature update after July 2005. Provided and/or discovered by: Discovered by anonymous person and reported via iDEFENSE. Changelog: 2005-12-07: Added CVE reference. Original Advisory: iDEFENSE: http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

Today

New advisories:	23
New vulnerabilities:	97
Updated advisories:	25

Less // 48 views

SmbFTPD Long Command Processing Vulnerability

Less // 128 views

Drupal Project Issue Tracking Module Multiple Vulnerabilities

Less // 141 views

PHP-Fusion Members CV Module "sortby" SQL Injection Vulnerability

Moderately // 153 views

Lasso OpenSSL "DSA_verify()" Spoofing Vulnerability

Moderately // 135 views

Xdg-utils mailcap Command Execution Security Issue

Less // 172 views

FreeBSD update for lukemftpd

Less // 157 views

tnftpd Long Command Processing Vulnerability

Moderately // 220 views

Cisco Global Site Selector DNS Request Denial of Service

Less // 198 views

NTP OpenSSL "EVP_VerifyFinal()" Spoofing Vulnerability

Moderately // 162 views

Red Hat update for lcms

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.