PT-2007-1913 · Kaspersky · Kaspersky Anti-Virus+3
Published
2007-04-05
·
Updated
2018-10-16
·
CVE-2007-0445
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Kaspersky Anti-Virus versions 6.0 through 6.0.2.613
Kaspersky Anti-Virus for Workstations versions 6.0 through 6.0.2.613
Kaspersky Anti-Virus for File Servers versions 6.0 through 6.0.2.613
Kaspersky Internet Security versions 6.0 through 6.0.2.613
Description
The issue is related to a heap-based buffer overflow in the arj.ppl module of the OnDemand Scanner. This can be exploited by remote attackers through crafted ARJ archives, potentially allowing them to execute arbitrary code.
Recommendations
For Kaspersky Anti-Virus versions 6.0 through 6.0.2.613, update to Maintenance Pack 2 build 6.0.2.614 or later.
For Kaspersky Anti-Virus for Workstations versions 6.0 through 6.0.2.613, update to Maintenance Pack 2 build 6.0.2.614 or later.
For Kaspersky Anti-Virus for File Servers versions 6.0 through 6.0.2.613, update to Maintenance Pack 2 build 6.0.2.614 or later.
For Kaspersky Internet Security versions 6.0 through 6.0.2.613, update to Maintenance Pack 2 build 6.0.2.614 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Kaspersky Anti-Virus
Kaspersky Anti-Virus For File Servers
Kaspersky Anti-Virus For Workstations
Kaspersky Internet Security