Vulnerability Found in Kaspersky Security Software
The flaw can be exploited to crash the complete software process.
A security flaw has been uncovered in Kaspersky Anti-Virus 2011/2012 and Kaspersky Internet Security 2011/2012, which can be exploited to crash the complete software process.
"Researchers from Vulnerability Laboratory found a flaw caused by an invalid pointer corruption when processing a corrupt .cfg file through the Kaspersky exception filters," writes Softpedia's Eduard Kovacs. "The bug seems to be located in basegui.ppl and basegui.dll when a cfg file import is processed."
"According to the timeline report provided by Vulnerability Labs, Kaspersky was notified on the issue in December 2010 and responded a month later," Kovacs writes. "The information on the vulnerabilities was not disclosed until a few days ago, but there is no mention of the bug being fixed."
Go to "Kaspersky Anti-Virus and Internet Security 2012 Vulnerable to Hackers" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.