Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow

2015-09-22T00:00:00
ID EDB-ID:38287
Type exploitdb
Reporter Google Security Research
Modified 2015-09-22T00:00:00

Description

Kaspersky Antivirus ThinApp Parser Stack Buffer Overflow. Local exploit for windows platform

                                        
                                            Source: https://code.google.com/p/google-security-research/issues/detail?id=518

A remotely exploitable stack buffer overflow in ThinApp container parsing. Kaspersky Antivirus (I've tested version 15 and 16) and other products using the Kaspersky Engine (such as ZoneAlarm) are affected.

Proof of Concept:
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/38287.zip