{"api_version":"1","generated_at":"2026-04-23T00:38:27+00:00","cve":"CVE-2009-4452","urls":{"html":"https://cve.report/CVE-2009-4452","api":"https://cve.report/api/cve/CVE-2009-4452.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2009-4452","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2009-4452"},"summary":{"title":"CVE-2009-4452","description":"Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2009-12-29 20:41:00","updated_at":"2018-10-10 19:49:00"},"problem_types":["CWE-264"],"metrics":[],"references":[{"url":"http://www.securitytracker.com/id?1023367","name":"1023367","refsource":"SECTRACK","tags":[],"title":"Kaspersky Internet Security Unsafe Access Control Configuration for BASES Folder Lets Local Users Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.vupen.com/english/advisories/2009/3573","name":"ADV-2009-3573","refsource":"VUPEN","tags":["Vendor Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/508508/100/0/threaded","name":"20091216 Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability","refsource":"BUGTRAQ","tags":[],"title":"SecurityFocus","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id?1023366","name":"1023366","refsource":"SECTRACK","tags":[],"title":"Kaspersky Anti-Virus Unsafe Access Control Configuration for BASES Folder Lets Local Users Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.exploit-db.com/exploits/10484","name":"10484","refsource":"EXPLOIT-DB","tags":["Exploit"],"title":"Kaspersky Lab (Multiple Products) - Local Privilege Escalation - Windows local Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37398","name":"37398","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Kaspersky Anti-Virus 2010 Denial of Service and Privilege Escalation - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/37730","name":"37730","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Kaspersky Products Insecure Default Directory Permissions - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2009-4452","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-4452","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"5.0.712","cpe7":"*","cpe8":"windows_workstations","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"6.0.3.837","cpe7":"*","cpe8":"windows_file_servers","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"6.0.3.837","cpe7":"*","cpe8":"windows_workstation","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"7.0.1.325","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"5.0.712","cpe7":"*","cpe8":"windows_workstations","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"6.0.3.837","cpe7":"*","cpe8":"windows_file_servers","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"6.0.3.837","cpe7":"*","cpe8":"windows_workstation","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus","cpe6":"7.0.1.325","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_2009","cpe6":"8.0.0.454","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_2009","cpe6":"8.0.0.454","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_2010","cpe6":"9.0.0.463","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_2010","cpe6":"9.0.0.463","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0.227","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0.228","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0.325","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0.227","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0.228","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_anti-virus_personal","cpe6":"5.0.325","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_internet_security","cpe6":"7.0.1.325","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_internet_security","cpe6":"7.0.1.325","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_internet_security_2009","cpe6":"8.0.0.506","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_internet_security_2009","cpe6":"8.0.0.506","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_internet_security_2010","cpe6":"9.0.0.463","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"4452","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"kaspersky_lab","cpe5":"kaspersky_internet_security_2010","cpe6":"9.0.0.463","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2009-4452","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"ADV-2009-3573","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2009/3573"},{"name":"1023366","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1023366"},{"name":"37730","refsource":"SECUNIA","url":"http://secunia.com/advisories/37730"},{"name":"20091216 Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/508508/100/0/threaded"},{"name":"10484","refsource":"EXPLOIT-DB","url":"http://www.exploit-db.com/exploits/10484"},{"name":"37398","refsource":"SECUNIA","url":"http://secunia.com/advisories/37398"},{"name":"1023367","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1023367"}]}},"nvd":{"publishedDate":"2009-12-29 20:41:00","lastModifiedDate":"2018-10-10 19:49:00","problem_types":["CWE-264"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":6.8},"severity":"MEDIUM","exploitabilityScore":3.1,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.228:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_2009:8.0.0.454:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.712:*:windows_workstations:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_2010:9.0.0.463:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:7.0.1.325:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_internet_security_2010:9.0.0.463:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_internet_security_2009:8.0.0.506:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:7.0.1.325:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0.3.837:*:windows_workstation:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.325:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0.3.837:*:windows_file_servers:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2009","CveId":"4452","Ordinal":"41768","Title":"CVE-2009-4452","CVE":"CVE-2009-4452","Year":"2009"},"notes":[{"CveYear":"2009","CveId":"4452","Ordinal":"1","NoteData":"Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse.","Type":"Description","Title":null},{"CveYear":"2009","CveId":"4452","Ordinal":"2","NoteData":"2009-12-29","Type":"Other","Title":"Published"},{"CveYear":"2009","CveId":"4452","Ordinal":"3","NoteData":"2018-10-10","Type":"Other","Title":"Modified"}]}}}