CVE-2005-3142

Name of the Vulnerable Software and Affected Versions Kaspersky Antivirus versions 5.0 Kaspersky Personal Security Suite version 1.1

Description The issue is related to a heap-based buffer overflow that can be triggered by a specially crafted CAB file with large records after the header. This allows remote attackers to execute arbitrary code, resulting in a loss of integrity. The cab.ppl engine is specifically mentioned as failing to perform proper bounds checking, leading to the buffer overflow.

Recommendations For Kaspersky Antivirus version 5.0, consider disabling the handling of CAB files until a patch is available. For Kaspersky Personal Security Suite version 1.1, restrict access to the cab.ppl engine to minimize the risk of exploitation. As a temporary workaround, avoid using the vulnerable cab.ppl engine in Kaspersky Antivirus and Kaspersky Personal Security Suite until a patch is available.