{"type": "osvdb", "published": "2005-10-10T03:59:07", "href": "https://vulners.com/osvdb/OSVDB:19912", "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 7.5}, "viewCount": 4, "edition": 1, "reporter": "OSVDB", "title": "Kaspersky Anti-Virus Engine CHM File Parsing Overflow", "affectedSoftware": [{"operator": "eq", "version": "5.0.5", "name": "Anti-Virus On-Demand Scanner for Linux"}, {"operator": "eq", "version": "5.0.227", "name": "Anti-Virus Personal"}], "enchantments": {"score": {"value": 7.1, "vector": "NONE", "modified": "2017-04-28T13:20:16", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2005-3664"]}, {"type": "osvdb", "idList": ["OSVDB:19913"]}], "modified": "2017-04-28T13:20:16", "rev": 2}, "vulnersScore": 7.1}, "references": [], "id": "OSVDB:19912", "lastseen": "2017-04-28T13:20:16", "cvelist": ["CVE-2005-3664"], "modified": "2005-10-10T03:59:07", "description": "## Vulnerability Description\nA remote overflow exists in Kaspersky Anti-Virus. The Anti-Virus engine fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted CHM file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Technical Description\nAccording to the advisory, the heap-based buffer overflow does not affect Microsoft Windows platforms. However, if a malformed CHM file has been encountered, the engine will fail to scan any files, thus allowing further arbitrary code to reach the target.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, Kaspersky has released a signature update to address this vulnerability.\n## Short Description\nA remote overflow exists in Kaspersky Anti-Virus. The Anti-Virus engine fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted CHM file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\nVendor URL: http://www.kaspersky.com/\nSecurity Tracker: 1015030\n[Secunia Advisory ID:17130](https://secuniaresearch.flexerasoftware.com/advisories/17130/)\nOther Advisory URL: http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0232.html\nISS X-Force ID: 22564\n[CVE-2005-3664](https://vulners.com/cve/CVE-2005-3664)\nBugtraq ID: 15054\n"}

{"cve": [{"lastseen": "2020-10-03T11:34:57", "description": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.", "edition": 3, "cvss3": {}, "published": "2005-11-18T06:04:00", "title": "CVE-2005-3664", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": true}, "cvelist": ["CVE-2005-3664"], "modified": "2017-07-11T01:33:00", "cpe": ["cpe:/a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227", "cpe:/a:f-secure:f-secure_anti-virus:4.50", "cpe:/a:kaspersky_lab:kaspersky_anti-virus:5.0.5"], "id": "CVE-2005-3664", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3664", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_workstations:*:*:*:*:*", "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:linux:*:*:*:*:*", "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_servers:*:*:*:*:*", "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:16", "bulletinFamily": "software", "cvelist": ["CVE-2005-3664"], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in F-Secure Anti-Virus for Linux. The Anti-Virus engine fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted CHM file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## Solution Description\nCurrently, there are no known workarounds or upgrades to correct this issue. However, F-Secure has released a signature update to address this vulnerability.\n## Short Description\nA remote overflow exists in F-Secure Anti-Virus for Linux. The Anti-Virus engine fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted CHM file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.\n## References:\nVendor URL: http://www.f-secure.com/\n[Secunia Advisory ID:17144](https://secuniaresearch.flexerasoftware.com/advisories/17144/)\nOther Advisory URL: http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0232.html\nISS X-Force ID: 22564\n[CVE-2005-3664](https://vulners.com/cve/CVE-2005-3664)\nBugtraq ID: 15054\n", "modified": "2005-10-10T03:59:06", "published": "2005-10-10T03:59:06", "href": "https://vulners.com/osvdb/OSVDB:19913", "id": "OSVDB:19913", "type": "osvdb", "title": "F-Secure Anti-Virus for Linux CHM File Parsing Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}