3 matches found
Kaspersky AntiVirus杀毒引擎ARJ文档解析堆溢出漏洞
CVECAN ID: CVE-2007-0445 Kaspersky Antivirus是非常流行的杀毒软件。 Kaspersky Antivirus的杀毒引擎在处理ARJ文档格式时存在堆溢出漏洞,如果使用该引擎的杀毒软件扫描了恶意文档的话就会触发这个溢出,可能导致执行任意指令。 来源:ZDI (http://www.zerodayinitiative.com/) 链接:http://www.zerodayinitiative.com/advisories/ZDI-07-013.html http://www.kaspersky.com/technews?id=203038693...
[Full-disclosure] ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability
ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow http://www.zerodayinitiative.com/advisories/ZDI-07-013.html April 5, 2007 -- CVE ID: CVE-2007-0445 -- Affected Vendor: Kaspersky -- Affected Products: Anti-Virus 6.0 Internet Security 6.0 Anti-Virus for Workstation File Serv...
CVE-2007-0445
CVE-2007-0445 describes a heap-based buffer overflow in the arj.ppl module of the Kaspersky OnDemand Scanner engine (used by Kaspersky Anti-Virus/Internet Security products). The flaw occurs while processing ARJ archives, where data is copied into an unchecked heap-based buffer, allowing remote a...