Kaspersky Antivirus ThinApp parser stack buffer overflow

[GoogleCodeExporter]

The attached report and exploit were mailed to vulnerability@kaspersky.com on 
4th September 2015. Currently triaging about 230 more unique crashes.

A remotely exploitable stack buffer overflow in ThinApp container parsing. 
Kaspersky Antivirus (I've tested version 15 and 16) and other products using 
the Kaspersky Engine (such as ZoneAlarm) are affected.

This bug is subject to a 90 day disclosure deadline. If 90 days elapse
without a broadly available patch, then the bug report will automatically
become visible to the public.

Exploit password: infected

Original issue reported on code.google.com by tav...@google.com on 5 Sep 2015 at 5:15

Attachments:

• KasperskyVulnerabilityReport.pdf
• thinstall.tar.gz
• [Windows 7-2015-09-04-19-35-34.png](https://storage.googleapis.com/google-code-attachments/google-security-research/issue-518/comment-0/Windows 7-2015-09-04-19-35-34.png)

[GoogleCodeExporter]

Kaspersky confirmed the vulnerability on Sep 5, and informed me a fix is being 
rolled out globally on the 7th.

I'm currently discussing publication, and hoping we can negotiate for 
deployment of /GS.

Original comment by tav...@google.com on 8 Sep 2015 at 11:24

[GoogleCodeExporter]

Original comment by scvi...@google.com on 10 Sep 2015 at 1:48

• Added labels: Reported-2015-Sep-4

[GoogleCodeExporter]

Original comment by tav...@google.com on 22 Sep 2015 at 5:23

• Removed labels: Restrict-View-Commit

[GoogleCodeExporter]

Original comment by mjurc...@google.com on 24 Sep 2015 at 11:37

• Added labels: Product-Kaspersky
• Removed labels: Product-KasperskyAntivirus

[GoogleCodeExporter]

thanksyou so much 
http://richcare.blogspot.co.id/2015/09/obat-herbal-asam-urat-alami-generik-resep
dokter-dan-kolesterol.html

Original comment by prabukra...@gmail.com on 1 Oct 2015 at 4:54