Kaspersky Anti-Virus CAB Archive Vulnerability

Alex Wheeler has reported a vulnerability in Kaspersky Anti-Virus, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to a boundary error in “cab.ppl” when processing malformed CAB archives. This can be exploited to cause a heap-based buffer overflow and allows arbitrary code execution when a malicious CAB archive is scanned.

Secunia Advisory: SA17024

The vulnerability has been reported in the following versions:

  • Kaspersky Anti-Virus Personal 5.0
  • Kaspersky Anti-Virus Personal Pro 5.0
  • Kaspersky Anti-Virus 5.0 for Windows Workstations
  • Kaspersky Anti-Virus 5.0 for Windows File Servers
  • Kaspersky Personal Security Suite 1.

Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: Kaspersky Anti-Virus 5.x, Kaspersky Personal Security Suite 1.x

[Continue reading Secunia Advisory SA17024]