Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Kaspersky Anti-Virus Products Remote Heap Overflow Vulnerability SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Kaspersky Anti-Virus Products Remote Heap Overflow Vulnerability
From the advisory the "issue is due to a heap overflow error in the CAB file format parser that does not properly handle a specially crafted file containing large header records and particular header flags set, which could be exploited by attackers to execute arbitrary commands (e.g. by sending an email containing a specially crafted CAB file)."
Patrick

193 Posts

Sign Up for Free or Log In to start participating in the conversation!