CVE-2006-3074
Summary
| CVE | CVE-2006-3074 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-06-19 10:02:00 UTC |
| Updated | 2018-10-18 16:45:00 UTC |
| Description | klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Kaspersky | Kaspersky Anti-virus | 6.0 | All | All | All |
| Application | Kaspersky | Kaspersky Anti-virus | 7.0 | All | All | All |
| Application | Kaspersky | Kaspersky Anti-virus | 6.0 | All | All | All |
| Application | Kaspersky | Kaspersky Anti-virus | 7.0 | All | All | All |
| Application | Kaspersky | Kaspersky Internet Security | 6.0 | All | All | All |
| Application | Kaspersky | Kaspersky Internet Security | 7.0 | All | All | All |
| Application | Kaspersky | Kaspersky Internet Security | 6.0 | All | All | All |
| Application | Kaspersky | Kaspersky Internet Security | 7.0 | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Microsoft | Windows Server | All | All | All | All |
| Operating System | Microsoft | Windows Server | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Kaspersky Internet Security Suite Multiple Local Vulnerabilities | BID | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| KLV07-07.Klif.sys calling NtOpenProcess vulnerability | CONFIRM | www.kaspersky.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Kaspersky Anti-Virus "klif.sys" Denial of Service Vulnerability - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Kaspersky Internet Security 6 SSDT Hooks Multiple Local Vulnerabilities | BID | www.securityfocus.com | |
| www.rootkit.com/newsread.php | MISC | www.rootkit.com | |
| www.rootkit.com/board.php | MISC | www.rootkit.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Uninformed | MISC | uninformed.org | |
| Advisory 2007-06-15.01 - matousec.com | MISC | www.matousec.com | |
| Kaspersky AntiVirus klif.sys Hooked Functions Denial of Service - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Uninformed | MISC | uninformed.org | |
| Kaspersky Internet Security 'klif.sys' Driver Lets Local Users Deny Service - SecurityTracker | SECTRACK | www.securitytracker.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.