Vulnerability Details: CVE-2005-3142
Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2005-3142
- cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_file_servers:*:*:*:*:*
- cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_workstations:*:*:*:*:*
- cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal_pro:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:kaspersky_lab:kaspersky_personal_security_suite:1.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3142
- EPSS score: 13.22% (probability of exploitation activity in the next 30 days)
- Percentile: ~96% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2005-3142
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
References for CVE-2005-3142
- http://www.securityfocus.com/bid/14998
- http://securitytracker.com/id?1014998
- http://securityreason.com/securityalert/44
- http://www.kaspersky.com/news?id=171512144 (Vendor Advisory)
- http://marc.info/?l=bugtraq&m=112837961522571&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22497
- http://www.rem0te.com/public/images/kaspersky.pdf (Vendor Advisory)
- http://www.vupen.com/english/advisories/2005/1934
- http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html