News Document Title:
====================
Kaspersky IS AV 2012 Bug released by Laboratory Researcher


Release Date:
=============
2012-01-04


Laboratory Article:
===================
The laboratory founder and research team leader Benjamin Kunz Mejri alias Rem0ve discovered a local memory corruption vulnerability
on the famous Kaspersky Antivirus & Internet Security 2011/2012 software. The vulnerability has been identified about 1 year ago. 
The bug is located on the vulnerable .cfg import function of the software. 


V-Lab KIS/KAV Article:
				[+] http://www.vulnerability-lab.com/dev/?p=372

Advisory:
				[+] http://www.vulnerability-lab.com/get_content.php?id=129

Video(s):
				[+] http://www.vulnerability-lab.com/get_content.php?id=19


News Article(s):
				[+] http://news.softpedia.com/news/Kaspersky-Anti-Virus-and-Internet-Security-2012-Vulnerable-to-Hackers-242508.shtml
				[+] http://packetstormsecurity.org/files/108043/VL-129.txt
				[+] http://www.securityfocus.com/bid/51161/discuss
				[+] http://forums.malwarebytes.org/index.php?showtopic=102805
				[+] http://thehackernews.com/2011/12/kaspersky-internet-security-memory.html
				[+] http://www.honkwin.com/show/1674.html
				[+] http://www.securityfocus.com/bid/51161/info
				[+] http://seclists.org/fulldisclosure/2011/Dec/424
				[+] http://news.hitb.org/content/researcher-discovered-memory-corruption-vulnerability-kaspersky-20112012-products
				[+] http://www.governmentsecurity.org/forum/topic/33575-kaspersky-is-av-20112012-memory-corruption-vulnerability/
				[+] http://news.enigmagroup.org/security/kaspersky-internet-security-memory-corruption-vulnerability/
				[+] http://downloads.securityfocus.com/vulnerabilities/exploits/51161.txt
				[+] http://letsbytecode.com/security/researcher-found-0day-vulnerabilities-in-products-of-kaspersky-20112012/
				[+] http://www.securityhome.eu/exploits/exploit_pdf.php?eid=1262904474ef14c0b47da02.35101581