Kaspersky Internet Security Suite Multiple Local Vulnerabilities
BID:18341
CVE-2006-3074 |Info
Kaspersky Internet Security Suite Multiple Local Vulnerabilities
| Bugtraq ID: | 18341 |
| Class: | Unknown |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 08 2006 12:00AM |
| Updated: | Jun 12 2007 07:00PM |
| Credit: | Skywing and EP_X0FF disclosed these vulnerabilities. |
| Vulnerable: |
Kaspersky Internet Security 7.0 Kaspersky Internet Security 6.0 Kaspersky Internet Security 6.0 Kaspersky Internet Security 5.0 Kaspersky Anti-Virus for Windows Workstation 6.0 Kaspersky Anti-Virus for Windows Server 6.0 Kaspersky Anti-Virus 7.0 Kaspersky Anti-Virus 6.0 |
| Not Vulnerable: | |
Discussion
Kaspersky Internet Security Suite Multiple Local Vulnerabilities
Kaspersky Internet Security Suite is prone to multiple local vulnerabilities.
These vulnerabilities allow local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.
The following are reported vulnerable:
Kaspersky Internet Security 6.0, 7.0
Kaspersky Anti-Virus 6.0 and 7.0
Kaspersky Anti-Virus for Windows Workstations 6.0
Previous versions may be vulnerable as well.
Kaspersky Internet Security Suite is prone to multiple local vulnerabilities.
These vulnerabilities allow local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.
The following are reported vulnerable:
Kaspersky Internet Security 6.0, 7.0
Kaspersky Anti-Virus 6.0 and 7.0
Kaspersky Anti-Virus for Windows Workstations 6.0
Previous versions may be vulnerable as well.
Exploit / POC
Kaspersky Internet Security Suite Multiple Local Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution / Fix
Kaspersky Internet Security Suite Multiple Local Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Kaspersky Internet Security Suite Multiple Local Vulnerabilities
References:
References:
- Anti-Virus Software Gone Wrong (Uninformed)
- Exploiting Kaspersky Antivirus 6.0-7.0 (Rootkit)
- Kaspersky Internet Security Product Page (Kaspersky Labs)
- Kaspersky® Anti-Virus and Kaspersky® Internet Security 6.0: Potential vulnerabil (Kaspersky)
- KLV07-07.Klif.sys calling NtOpenProcess vulnerability (Kaspersky)
- Uninformed Journal Release Announcement: Volume 4 (Uninformed Journal
)