CyberSec.Space Logo
Back to CVE Browser

CVE-2005-3142

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0010%
EPSS Percentile39.74th
PublishedOct 5, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.

Affected Platforms (CPE)

πŸ“¦
Kaspersky Lab

Kaspersky Anti Virus

= 5.0
πŸ“¦
Kaspersky Lab

Kaspersky Anti Virus

= 5.0
πŸ“¦
Kaspersky Lab

Kaspersky Anti Virus Personal

= 5.0
πŸ“¦
Kaspersky Lab

Kaspersky Anti Virus Personal Pro

= 5.0
πŸ“¦
Kaspersky Lab

Kaspersky Personal Security Suite

= 1.1

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html
πŸ”— http://marc.info/?l=bugtraq&m=112837961522571&w=2
πŸ”— http://secunia.com/advisories/17024/
πŸ”— http://securityreason.com/securityalert/44
πŸ”— http://securitytracker.com/id?1014998
πŸ”— http://www.kaspersky.com/news?id=171512144
πŸ”— http://www.osvdb.org/19850
πŸ”— http://www.rem0te.com/public/images/kaspersky.pdf

Related Vulnerabilities

CVE-2007-044510.0

Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and...

CVE-2007-111210.0

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and ...

CVE-2017-98119.8

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pac...

CVE-2007-18799.3

The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 ...