CVE-2007-0445

Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.

Desbordamiento de búfer basado en pila en el módulo arj.ppl en OnDemand Scanner en Kaspersky Anti-Virus, Anti-Virus para estaciones de trabajo, y Anti-Virus para File Servers 6.0, e Internet Security 6.0 anterior a Maintenance Pack 2 construccion 6.0.2.614 permite a atacantes remotos ejecutar código de su elección a través de archivos ARJ.

This vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of the Kaspersky Anti-Virus Engine. User interaction is not required to exploit this vulnerability.
The specific flaw exists in the engine's handling of the ARJ archive format. The Kaspersky engine copies data from scanned archives into an unchecked heap-based buffer. This results in heap corruption when a malformed ARJ archive is processed by an application that utilizes the engine. This corruption can be exploited to execute arbitrary code.

*Credits: Anonymous

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2007-01-23 CVE Reserved
2007-04-05 CVE Published
2024-06-01 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (10)

URL	Tag	Source
http://www.securityfocus.com/archive/1/464878/100/0/threaded	Mailing List
http://www.securityfocus.com/bid/23346	Vdb Entry
http://www.securitytracker.com/id?1017882	Vdb Entry
http://www.securitytracker.com/id?1017883	Vdb Entry
http://www.vupen.com/english/advisories/2007/1268	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/33489	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/24778	2018-10-16
http://www.kaspersky.com/technews?id=203038693	2018-10-16
http://www.kaspersky.com/technews?id=203038694	2018-10-16

URL	Date	SRC
http://www.zerodayinitiative.com/advisories/ZDI-07-013.html	2018-10-16

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Kaspersky Lab Search vendor "Kaspersky Lab"		Kaspersky Anti-virus Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus"				6.0 Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" and version "6.0"		file_servers		Affected
Kaspersky Lab Search vendor "Kaspersky Lab"		Kaspersky Anti-virus Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus"				6.0 Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" and version "6.0"		windows_workstation		Affected
Kaspersky Lab Search vendor "Kaspersky Lab"		Kaspersky Anti-virus Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus"				6.0 Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" and version "6.0"		workstations		Affected
Kaspersky Lab Search vendor "Kaspersky Lab"		Kaspersky Internet Security Search vendor "Kaspersky Lab" for product "Kaspersky Internet Security"				<= 6.0 Search vendor "Kaspersky Lab" for product "Kaspersky Internet Security" and version " <= 6.0"		maintenance_pack_2		Affected