Описание
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.
Ссылки
- PatchVendor Advisory
- Patch
- Patch
- Vendor Advisory
- PatchVendor Advisory
- Patch
- Patch
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 6.0 (включая)
Одно из
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:file_servers:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:windows_workstation:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:workstations:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:*:maintenance_pack_2:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.20299
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.
EPSS
Процентиль: 95%
0.20299
Средний
10 Critical
CVSS2
Дефекты
NVD-CWE-Other