CVE-2019-8285

EUVD-2019-17683
Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code execution
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
kasperskyantivirus_engine
𝑥
< 2019.04.04
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/108284
https://support.kaspersky.com/vulnerability.aspx?el=12430#080519
http://www.securityfocus.com/bid/108284
https://support.kaspersky.com/vulnerability.aspx?el=12430#080519