header-logo
Suggest Exploit
vendor:
Kaspersky Antivirus
by:
Google Security Research
7,5
CVSS
HIGH
Stack Buffer Overflow
119
CWE
Product Name: Kaspersky Antivirus
Affected Version From: 15
Affected Version To: 16
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2015

ThinApp Container Parsing Stack Buffer Overflow

A remotely exploitable stack buffer overflow vulnerability exists in ThinApp container parsing. Kaspersky Antivirus (version 15 and 16) and other products using the Kaspersky Engine (such as ZoneAlarm) are affected. A proof of concept exploit is available at https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38287.zip

Mitigation:

Apply the latest security patches and updates to the affected software.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=518

A remotely exploitable stack buffer overflow in ThinApp container parsing. Kaspersky Antivirus (I've tested version 15 and 16) and other products using the Kaspersky Engine (such as ZoneAlarm) are affected.

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38287.zip

Navigation

Suggest Exploit

Services By CQR