Kaspersky AntiVirus - ThinApp Parser Stack Buffer Overflow

Author: Google Security Research
type: local
platform: windows
port: 
date_added: 2015-09-22 
date_updated: 2015-09-22 
verified: 1 
codes: OSVDB-127139 
tags: 
aliases:  
screenshot_url:  
application_url: 

Source: https://code.google.com/p/google-security-research/issues/detail?id=518

A remotely exploitable stack buffer overflow in ThinApp container parsing. Kaspersky Antivirus (I've tested version 15 and 16) and other products using the Kaspersky Engine (such as ZoneAlarm) are affected.

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38287.zip