Kaspersky DoS using manipulated UPX files
Security services provider iDefense has reported a vulnerability in Kaspersky anti-virus software released before 7th February of this year. The anti-virus software can be made to enter an infinite loop by analysing prepared compressed files packed using the runtime packer UPX. An attacker could exploit this to overload and disable e-mail servers or clients.
According to the security advisory, Kaspersky's routine for unpacking UPX files can be made to process endlessly the same data segment by means of a negative data offset for the data segment. The Russian anti-virus software vendor fixed the vulnerability on 7th February of this year. The updated version has already been made available via the automatic update function.
- Kaspersky AntiVirus UPX File Decompression DoS Vulnerability, security advisory from iDefense