Intrusion Prevention

Google.Earth.KMLKMZ.Files.Buffer.Overflow

Description

Google Earth has a heap-based buffer overflow vulnerability. A remote attacker could cause the Google Earth application to crash or execute arbitrary code on the system with the privileges of the application, by sending a specially-crafted kml or kmz file to the victim.

Affected Products

Google Google Earth (beta) 4.0.2091(beta).

Impact

Gain Access

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.
http://earth.google.com/

CVE References

CVE-2006-7157