virus logo Intrusion Prevention

Kaspersky.Antivirus.Library.Heap.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a vulnerability in the Kaspersky Antivirus Library.
The Kaspersky Antivirus Library provides file format support for virus analysis. The library is vulnerable to a heap overflow allowing attackers complete control of the system(s) being protected. This vulnerability can be exploited remotely without user interaction in default configurations through common protocols such as SMTP, SMB, HTTP, and FTP.

affected-products-logoAffected Products

Due to the library's OS-independent design and core functionality, it is likely that this vulnerability affects a substantial portion of Kaspersky's gateway, server, and client antivirus-enabled product lines on most platforms.
http://www.kaspersky.com/products

Impact logoImpact

Successful exploitation of Kaspersky protected systems allows attackers unauthorized control of data and related privileges. It also provides leverage for further network compromise. Kaspersky Antivirus Library implementations are likely vulnerable in their default configuration.

recomended-action-logoRecommended Actions

An update which eliminates the vulnerability is now available, and can be installed using standard update procedures: ftp://ftp.kaspersky.ru/updates50/AutoPatches/windows/

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 13414
Created Oct 19, 2006
Updated Nov 05, 2021
CVE ID
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
Exploit Prediction Score 21.2%
Default Action drop
Active
Affected OS Windows
Affected App Other
Profile Type Buffer Errors