All the vulnerabilites related to kaspersky_lab - kaspersky_anti-virus
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A61EFFE9-0AE6-4866-84BD-42B86C1D8B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"id": "CVE-2004-0932",
"lastModified": "2024-11-20T23:49:42.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-05 20:32
Modified
2024-11-21 00:44
Severity ?
Summary
Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_anti-virus | 7.0 | |
| kaspersky_lab | kaspersky_internet_security | 6.0 | |
| kaspersky_lab | kaspersky_internet_security | 7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB11D125-1699-41E8-9184-6961D7AA4C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "42BDC78B-D322-4571-B930-335F5AA82A31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EBD42038-FE1C-4AC9-9830-8021139847CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4140C79-F4BA-4159-A1DC-5BD63642A4D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en kl1.sys en Kaspersky Anti-Virus 6.0 y 7.0, y en Internet Security 6.0 y 7.0, permite a usuarios locales aumentar privilegios a trav\u00e9s de una llamada IOCTL 0x800520e8"
}
],
"id": "CVE-2008-1518",
"lastModified": "2024-11-21T00:44:43.410",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-05T20:32:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30534"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020195"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1020196"
},
{
"source": "cve@mitre.org",
"url": "http://www.kaspersky.com/technews?id=203038727"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1739"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/30534"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kaspersky.com/technews?id=203038727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42849"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 00:19
Modified
2024-11-21 00:27
Severity ?
Summary
Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_internet_security | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:windows_workstation:*:*:*:*:*",
"matchCriteriaId": "4FBBEA6A-F02E-4B35-B807-5E5C05EF25A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:6.0:maintenance_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "95A787E0-7060-4544-993A-9CB319B6925E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to \"download\" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods."
},
{
"lang": "es",
"value": "Kaspersky Anti-Virus 6.0 e Internet Security 6.0 revela m\u00e9todos no seguros en los controles ActiveX (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) y (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll), los cuales permiten a atacantes remotos descargar o borrar archivos de su elecci\u00f3n a trav\u00e9s de argumentos manipulados en los m\u00e9todos (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, o (4) StartUploading."
}
],
"id": "CVE-2007-1112",
"lastModified": "2024-11-21T00:27:32.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/464882/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23345"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017884"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017885"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-014.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464882/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23345"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A61EFFE9-0AE6-4866-84BD-42B86C1D8B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"id": "CVE-2004-0934",
"lastModified": "2024-11-20T23:49:43.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-06-09 04:00
Modified
2024-11-20 23:58
Severity ?
Summary
The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0.227 | |
| kaspersky_lab | kaspersky_anti-virus | 5.0.228 | |
| kaspersky_lab | kaspersky_anti-virus | 5.0.335 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.227 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.228 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.325 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.227:*:windows_file_servers:*:*:*:*:*",
"matchCriteriaId": "75093819-5663-4478-A291-60FF71D0258B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.228:*:windows_file_servers:*:*:*:*:*",
"matchCriteriaId": "AD53B19B-64C8-4D05-81E0-770EEAE55D32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.335:*:windows_file_servers:*:*:*:*:*",
"matchCriteriaId": "7D53F90C-00DB-4A12-9AD6-DB6917D0E034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227:*:*:*:*:*:*:*",
"matchCriteriaId": "E101D150-B268-43AA-9876-469DF471DFC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.228:*:*:*:*:*:*:*",
"matchCriteriaId": "22A10BAE-B162-4276-8B08-8E449D9B282D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.325:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3AAC32-1911-4955-B1B1-CF7B26BEA3F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs."
}
],
"id": "CVE-2005-1905",
"lastModified": "2024-11-20T23:58:23.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-06-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=111817777430401\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/13878"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=111817777430401\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/13878"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-10 02:28
Modified
2024-11-21 00:22
Severity ?
Summary
Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.5.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.5.10:*:linux_mail_servers:*:*:*:*:*",
"matchCriteriaId": "AA259D4D-A4C6-47CC-AF93-E5CADBB38AF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
},
{
"lang": "es",
"value": "Kaspersky Anti-Virus para Linux Mail Servers 5.5.10 permite a atacantes remotos evitar una detecci\u00f3n de virus, insertando caracteres inv\u00e1lidos en un contenido codificado base 64 en un fichero MIME multipart/mixed, como se demuestra con el fichero de testeo EICAR."
}
],
"id": "CVE-2006-6408",
"lastModified": "2024-11-21T00:22:37.007",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-10T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21461"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 00:19
Modified
2024-11-21 00:29
Severity ?
Summary
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | * | |
| kaspersky_lab | kaspersky_anti-virus | * | |
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_internet_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:*:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "79FD91CC-D5B2-4D4B-95BC-45BDC12BF719",
"versionEndIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:*:*:windows_workstation:*:*:*:*:*",
"matchCriteriaId": "056CE4C6-6A2D-4195-BD4D-A0687F4B33C3",
"versionEndIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB11D125-1699-41E8-9184-6961D7AA4C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "964B4C87-B601-444F-8F13-D94D75E9C750",
"versionEndIncluding": "6.0.1.411",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned \"data size argument,\" which results in a heap overflow."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer de entero en la funci\u00f3n _NtSetValueKey en klif.sys en Kaspersky Anti-Virus, Anti-Virus para estaciones de trabajo, Anti-Virus para File Server 6.0, e Internet Security 6.0 anterior a Maintenance Pack 2 construcci\u00f3n 6.0.2.614 permite a atacantes dependientes del contexto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un argumento de tama\u00f1o de datos no asignado, el cual resulta en un desbordamiento de pila."
}
],
"evaluatorSolution": "The vendor has addressed this vulnerability within Maintenance Pack 2. More information is available from the following link: \r\nhttp://www.kaspersky.com/technews?id=203038693 \r\n\r\n",
"id": "CVE-2007-1880",
"lastModified": "2024-11-21T00:29:22.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 2.7,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "cve@mitre.org",
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"source": "cve@mitre.org",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/33851"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23326"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017872"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017873"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/33851"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33460"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-20 22:07
Modified
2024-11-21 00:17
Severity ?
Summary
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0 | |
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0 | |
| kaspersky_lab | kaspersky_anti-virus_personal_pro | 5.0 | |
| kaspersky_lab | kaspersky_internet_security | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_workstations:*:*:*:*:*",
"matchCriteriaId": "5897A334-2627-480C-9CF3-85AF3B7650BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:workstations:*:*:*:*:*",
"matchCriteriaId": "53049BB1-486B-4C01-A3F5-F900FAD33024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA07931-220A-4FCC-A83D-0C91563385DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal_pro:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A64212DE-796D-4D5D-901A-0B5FA40D9C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:6.0:maintenance_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "95A787E0-7060-4544-993A-9CB319B6925E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL."
},
{
"lang": "es",
"value": "El NDIS-TDI Hooking Engine, seg\u00fan lo utilizado en (1) KLICK (KLICK.SYS) y (2) KLIN (KLIN.SYS) en los controladores de dispositivos 2.0.0.281 en Kaspersky Labs Anti-Virus 6.0.0.303 y otros antivirus o productos de seguridad de Internet, permite a un usuario local ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un estructura Irp artesanal con una direcci\u00f3n inv\u00e1lida en 0x80052110 IOCTL."
}
],
"id": "CVE-2006-4926",
"lastModified": "2024-11-21T00:17:10.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-20T22:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22478"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1017093"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038678"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.osvdb.org/29891"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/449289/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/449301/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/20635"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4117"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1017093"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038678"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.osvdb.org/29891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/449289/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/449301/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/20635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29677"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-10-14 10:02
Modified
2024-11-21 00:01
Severity ?
Summary
Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "72C69048-3912-4AA0-9EE1-A0FDE712199E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
],
"id": "CVE-2005-3210",
"lastModified": "2024-11-21T00:01:21.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-10-14T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-03-09 13:06
Modified
2024-11-21 00:08
Severity ?
Summary
Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0.5 | |
| kaspersky_lab | kaspersky_anti-virus | 5.5.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8C4F04BE-1360-44A6-B73A-1F53B25645F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF16F3C8-6050-4E7A-A6EB-504DDB819044",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors."
}
],
"id": "CVE-2006-1091",
"lastModified": "2024-11-21T00:08:03.500",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-03-09T13:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/535"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/426699"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16942"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/archive/1/426699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25221"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-18 06:04
Modified
2024-11-21 00:02
Severity ?
Summary
Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_file_servers:*:*:*:*:*",
"matchCriteriaId": "DFD8A5C2-DC03-4605-B502-3A895B7D377C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder."
}
],
"id": "CVE-2005-3663",
"lastModified": "2024-11-21T00:02:22.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-18T06:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/187"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015224"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=340\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015224"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=340\u0026type=vulnerabilities"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-08-16 04:00
Modified
2024-11-20 23:59
Severity ?
Summary
Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "5A3B9DBA-58A9-4E15-8B22-67795D047278",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing."
}
],
"id": "CVE-2005-2582",
"lastModified": "2024-11-20T23:59:53.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-08-16T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112387573811339\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112387573811339\u0026w=2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-09-26 10:17
Modified
2024-11-21 00:37
Severity ?
Summary
Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, and (7) NtUserBuildHwndList kernel SSDT hooks in kylif.sys; the (8) NtDuplicateObject (DuplicateHandle) kernel SSDT hook; and possibly other kernel SSDT hooks. NOTE: the NtCreateSection vector is covered by CVE-2007-5043.1. NOTE: the vendor disputes that the DuplicateHandle vector is a vulnerability in their code, stating that "it is not an error in our code, but an obscure method for manipulating standard Windows routines to circumvent our self-defense mechanisms."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | * | |
| kaspersky_lab | kaspersky_internet_security | 7.0_build125 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0DF096B6-3A74-4214-B886-110127E4BAC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:7.0_build125:*:*:*:*:*:*:*",
"matchCriteriaId": "8A13F7D6-1B34-41F1-A2DB-725F7D39063C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, and (7) NtUserBuildHwndList kernel SSDT hooks in kylif.sys; the (8) NtDuplicateObject (DuplicateHandle) kernel SSDT hook; and possibly other kernel SSDT hooks. NOTE: the NtCreateSection vector is covered by CVE-2007-5043.1. NOTE: the vendor disputes that the DuplicateHandle vector is a vulnerability in their code, stating that \"it is not an error in our code, but an obscure method for manipulating standard Windows routines to circumvent our self-defense mechanisms.\""
},
{
"lang": "es",
"value": "Kaspersky Anti-Virus (KAV) y Internet Security 7.0 construcci\u00f3n 125 no valida de forma adecuada ciertos par\u00e1metros en System Service Descriptor Table (SSDT) y manejadores de funci\u00f3n Shadow SSDT, lo cual permite a usuarios locales provocar denegaci\u00f3n de servicio (caida) a trav\u00e9s de (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, y (7) NtUserBuildHwndList kernel SSDT enganchado en kylif.sys; el gancho(8) kernel NtDuplicateObject (DuplicateHandle) SSDT. NOTA: el vendededor cuestiona que el vector DuplicateHandle es una vulnerabilidad en su c\u00f3digo, bas\u00e1ndose en que \"no es un error de nuestro c\u00f3digo, pero un m\u00e9todo oscuro para la manipulaci\u00f3n estandar de las rutinas de windows sortea nuestros mecanismos de autodefensa\"."
}
],
"id": "CVE-2007-5086",
"lastModified": "2024-11-21T00:37:05.633",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-09-26T10:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37990"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26887"
},
{
"source": "cve@mitre.org",
"url": "http://www.kaspersky.com/technews?id=203038706"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.rootkit.com/newsread.php?newsid=778"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3259"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kaspersky.com/technews?id=203038706"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.rootkit.com/newsread.php?newsid=778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3259"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 4.0.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FDAE34-0EE7-4EAB-B1A2-9FF611D5E63F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com."
}
],
"id": "CVE-2003-1443",
"lastModified": "2024-11-20T23:47:10.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11292"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11292"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-18 06:04
Modified
2024-11-21 00:02
Severity ?
Summary
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 4.50 | |
| kaspersky_lab | kaspersky_anti-virus | 5.0.5 | |
| kaspersky_lab | kaspersky_anti-virus | 5.0.5 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.227 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:linux:*:*:*:*:*",
"matchCriteriaId": "55C7A7CD-1BAB-475A-BEC1-3AFD15366103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "5A3B9DBA-58A9-4E15-8B22-67795D047278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "A4C38ABE-5C16-4DD0-88A4-21597315567F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227:*:*:*:*:*:*:*",
"matchCriteriaId": "E101D150-B268-43AA-9876-469DF471DFC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file."
}
],
"id": "CVE-2005-3664",
"lastModified": "2024-11-21T00:02:23.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-18T06:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17130"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17144"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/19912"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/19913"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15054"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/19912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/19913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A61EFFE9-0AE6-4866-84BD-42B86C1D8B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"id": "CVE-2004-0933",
"lastModified": "2024-11-20T23:49:43.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-10-30 14:34
Modified
2024-11-21 00:01
Severity ?
Summary
Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0.372 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.372:*:*:*:*:*:*:*",
"matchCriteriaId": "789BB368-937D-424F-9914-2D7B68D32B9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\""
}
],
"id": "CVE-2005-3376",
"lastModified": "2024-11-21T00:01:44.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2005-10-30T14:34:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityelf.org/magicbyte.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityelf.org/magicbyteadv.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityelf.org/updmagic.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityelf.org/magicbyte.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityelf.org/magicbyteadv.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityelf.org/updmagic.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15189"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 4.0.9.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0FDAE34-0EE7-4EAB-B1A2-9FF611D5E63F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname."
}
],
"id": "CVE-2003-1444",
"lastModified": "2024-11-20T23:47:10.587",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11291"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11291"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A61EFFE9-0AE6-4866-84BD-42B86C1D8B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"id": "CVE-2004-0936",
"lastModified": "2024-11-20T23:49:43.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-10-05 21:02
Modified
2024-11-21 00:01
Severity ?
Summary
Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0 | |
| kaspersky_lab | kaspersky_anti-virus | 5.0 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0 | |
| kaspersky_lab | kaspersky_anti-virus_personal_pro | 5.0 | |
| kaspersky_lab | kaspersky_personal_security_suite | 1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_file_servers:*:*:*:*:*",
"matchCriteriaId": "DFD8A5C2-DC03-4605-B502-3A895B7D377C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_workstations:*:*:*:*:*",
"matchCriteriaId": "5897A334-2627-480C-9CF3-85AF3B7650BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA07931-220A-4FCC-A83D-0C91563385DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal_pro:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A64212DE-796D-4D5D-901A-0B5FA40D9C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_personal_security_suite:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05EAE20B-6A64-4AC0-91C3-73AEC48B4BF1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header."
}
],
"id": "CVE-2005-3142",
"lastModified": "2024-11-21T00:01:12.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-10-05T21:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=112837961522571\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17024/"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/44"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1014998"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kaspersky.com/news?id=171512144"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/19850"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rem0te.com/public/images/kaspersky.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/14998"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/1934"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=112837961522571\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17024/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/44"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1014998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kaspersky.com/news?id=171512144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/19850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.rem0te.com/public/images/kaspersky.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/14998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/1934"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22497"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 00:19
Modified
2024-11-21 00:25
Severity ?
Summary
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_internet_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "3F7ABC05-BD60-4345-898C-FF1045001013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:windows_workstation:*:*:*:*:*",
"matchCriteriaId": "4FBBEA6A-F02E-4B35-B807-5E5C05EF25A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:workstations:*:*:*:*:*",
"matchCriteriaId": "53049BB1-486B-4C01-A3F5-F900FAD33024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:*:maintenance_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "21B7A75C-61EF-415B-A4DC-90527AFC39C6",
"versionEndIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el m\u00f3dulo arj.ppl en OnDemand Scanner en Kaspersky Anti-Virus, Anti-Virus para estaciones de trabajo, y Anti-Virus para File Servers 6.0, e Internet Security 6.0 anterior a Maintenance Pack 2 construccion 6.0.2.614 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de archivos ARJ."
}
],
"id": "CVE-2007-0445",
"lastModified": "2024-11-21T00:25:52.750",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/464878/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23346"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017882"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017883"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/464878/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017882"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33489"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-02-10 07:00
Modified
2024-11-21 00:59
Severity ?
Summary
Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_anti-virus | 2008 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:workstations:*:*:*:*:*",
"matchCriteriaId": "53049BB1-486B-4C01-A3F5-F900FAD33024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D2326C-7F5E-42DC-9C2C-216726D85924",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en klim5.sys de Kaspersky Anti-Virus for Workstations v6.0 y Anti-Virus 2008, permite a usuarios locales obtener privilegios a trav\u00e9s de una llamada IOCTL 0x80052110."
}
],
"id": "CVE-2009-0449",
"lastModified": "2024-11-21T00:59:55.877",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-02-10T07:00:23.500",
"references": [
{
"source": "cve@mitre.org",
"url": "http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33788"
},
{
"source": "cve@mitre.org",
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=60\u0026Itemid=1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/500606/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/33561"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021661"
},
{
"source": "cve@mitre.org",
"url": "http://www.wintercore.com/advisories/advisory_W020209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/33788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=60\u0026Itemid=1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/500606/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/33561"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021661"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.wintercore.com/advisories/advisory_W020209.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 00:19
Modified
2024-11-21 00:29
Severity ?
Summary
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | * | |
| kaspersky_lab | kaspersky_anti-virus | * | |
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_internet_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:*:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "79FD91CC-D5B2-4D4B-95BC-45BDC12BF719",
"versionEndIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4B1A70D7-B812-42CB-A21D-528807193CF0",
"versionEndIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB11D125-1699-41E8-9184-6961D7AA4C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "964B4C87-B601-444F-8F13-D94D75E9C750",
"versionEndIncluding": "6.0.1.411",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en KLIF (klif.sys) de Kaspersky Anti-Virus, Anti-Virus para estaciones de trabajo, y Anti-Virus para Servidores de archivos 6.0, e Internet Security 6.0 versiones anteriores a Maintenance Pack 2 build 6.0.2.614 permite a usuarios locales obtener privilegios Ring-0 mediante vectores no especificados."
}
],
"id": "CVE-2007-1881",
"lastModified": "2024-11-21T00:29:22.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-06T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "cve@mitre.org",
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"source": "cve@mitre.org",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/33852"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/33852"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1268"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-10 05:00
Modified
2024-11-20 23:50
Severity ?
Summary
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
},
{
"lang": "es",
"value": "El m\u00f3dulo Perl Archive::Zip anterior a 1.14, cuando se usa en programas antivirus como amavisd-new, permite a atacantes remotos saltarse la protecci\u00f3n del antivirus mediante un ficheros comprimido con cabeceras globales y locales establecido a cero, lo que no impide que el fichero comprimido sea abierto en un sistema objetivo."
}
],
"id": "CVE-2004-1096",
"lastModified": "2024-11-20T23:50:05.520",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-10T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/13038/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/13038/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-06 00:19
Modified
2024-11-21 00:29
Severity ?
Summary
The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 6.0 | |
| kaspersky_lab | kaspersky_internet_security | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:windows_workstation:*:*:*:*:*",
"matchCriteriaId": "4FBBEA6A-F02E-4B35-B807-5E5C05EF25A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "964B4C87-B601-444F-8F13-D94D75E9C750",
"versionEndIncluding": "6.0.1.411",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112."
},
{
"lang": "es",
"value": "La funci\u00f3n StartUploading del control de ActiveX KL.SysInfo (AxKLSysInfo.dll) en el Anti-Virus Kaspersky 6.0 y Internet Security 6.0 antes del parche de mantenimiento 2 versi\u00f3n 6.0.2.614 permite a atacantes remotos leer ficheros de su elecci\u00f3n disparando una sesi\u00f3n FTP an\u00f3nima de salida que invoca a un comando PUT. NOTA: esta vulnerabilidad puede estar relacionada con la CVE-2007-1112."
}
],
"id": "CVE-2007-1879",
"lastModified": "2024-11-21T00:29:22.290",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-04-06T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23325"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017871"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017871"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-01-27 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A61EFFE9-0AE6-4866-84BD-42B86C1D8B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"id": "CVE-2004-0935",
"lastModified": "2024-11-20T23:49:43.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-01-27T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-09 05:00
Modified
2024-11-20 23:49
Severity ?
Summary
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A61EFFE9-0AE6-4866-84BD-42B86C1D8B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"id": "CVE-2004-0937",
"lastModified": "2024-11-20T23:49:43.687",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-09T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-29 20:41
Modified
2024-11-21 01:09
Severity ?
Summary
Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | 5.0.712 | |
| kaspersky_lab | kaspersky_anti-virus | 6.0.3.837 | |
| kaspersky_lab | kaspersky_anti-virus | 6.0.3.837 | |
| kaspersky_lab | kaspersky_anti-virus | 7.0.1.325 | |
| kaspersky_lab | kaspersky_anti-virus_2009 | 8.0.0.454 | |
| kaspersky_lab | kaspersky_anti-virus_2010 | 9.0.0.463 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.227 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.228 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.325 | |
| kaspersky_lab | kaspersky_internet_security | 7.0.1.325 | |
| kaspersky_lab | kaspersky_internet_security_2009 | 8.0.0.506 | |
| kaspersky_lab | kaspersky_internet_security_2010 | 9.0.0.463 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.712:*:windows_workstations:*:*:*:*:*",
"matchCriteriaId": "1D6BB158-236E-4B5B-B32F-265484B88668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0.3.837:*:windows_file_servers:*:*:*:*:*",
"matchCriteriaId": "FC269851-529F-4806-B873-1024F05EE1BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0.3.837:*:windows_workstation:*:*:*:*:*",
"matchCriteriaId": "897366CD-7C06-4124-A66A-9D499FFE0E09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:7.0.1.325:*:*:*:*:*:*:*",
"matchCriteriaId": "A80BDC43-39DB-49C9-9F73-A97B42EAE74D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_2009:8.0.0.454:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE76B5D-5587-4ECE-8530-440BF4F453B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_2010:9.0.0.463:*:*:*:*:*:*:*",
"matchCriteriaId": "46A667E4-8E75-4CFF-B30D-1D3D11200A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA07931-220A-4FCC-A83D-0C91563385DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227:*:*:*:*:*:*:*",
"matchCriteriaId": "E101D150-B268-43AA-9876-469DF471DFC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.228:*:*:*:*:*:*:*",
"matchCriteriaId": "22A10BAE-B162-4276-8B08-8E449D9B282D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.325:*:*:*:*:*:*:*",
"matchCriteriaId": "7F3AAC32-1911-4955-B1B1-CF7B26BEA3F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:7.0.1.325:*:*:*:*:*:*:*",
"matchCriteriaId": "65942CAB-ED76-4FC6-81AF-E3AE56A58185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security_2009:8.0.0.506:*:*:*:*:*:*:*",
"matchCriteriaId": "03D166CB-4E20-4A58-BE03-EB342B477027",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_internet_security_2010:9.0.0.463:*:*:*:*:*:*:*",
"matchCriteriaId": "E125CB4B-DA1B-4D37-B1C7-9F7025716BA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse."
},
{
"lang": "es",
"value": "Kaspersky Anti-Virus v5.0 (v5.0.712); Antivirus Personal v5.0.x; Anti-Virus v6.0 (v6.0.3.837), v7 (v7.0.1.325), 2009 (v8.0.0.x), and 2010 (v9.0.0.463); y Internet Security v7 (v7.0.1.325), 2009 (v8.0.0.x), and 2010 (v9.0.0.463); usan permisos d\u00e9biles (Todo el mundo: Control Total) en el directorio BASES, lo que permite a usuarios locales obtener privilegios de SYSTEM sustituyendo un ejecutable o DLL con un caballo de troya."
}
],
"id": "CVE-2009-4452",
"lastModified": "2024-11-21T01:09:40.800",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-29T20:41:20.577",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37398"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37730"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/10484"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/508508/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023366"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023367"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37398"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.exploit-db.com/exploits/10484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/508508/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3573"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2006-4926
Vulnerability from cvelistv5
Published
2006-10-20 22:00
Modified
2024-08-07 19:32
Severity ?
EPSS score ?
Summary
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/449289/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29677 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/29891 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/449301/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.kaspersky.com/technews?id=203038678 | x_refsource_CONFIRM | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425 | third-party-advisory, x_refsource_IDEFENSE | |
| http://secunia.com/advisories/22478 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/20635 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1017093 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/4117 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:32:22.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061020 [Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/449289/100/0/threaded"
},
{
"name": "kaspersky-klinklick-privilege-escalation(29677)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29677"
},
{
"name": "29891",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/29891"
},
{
"name": "20061020 Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/449301/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038678"
},
{
"name": "20061020 Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425"
},
{
"name": "22478",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22478"
},
{
"name": "20635",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20635"
},
{
"name": "1017093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017093"
},
{
"name": "ADV-2006-4117",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4117"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061020 [Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/449289/100/0/threaded"
},
{
"name": "kaspersky-klinklick-privilege-escalation(29677)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29677"
},
{
"name": "29891",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/29891"
},
{
"name": "20061020 Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/449301/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038678"
},
{
"name": "20061020 Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425"
},
{
"name": "22478",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22478"
},
{
"name": "20635",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20635"
},
{
"name": "1017093",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017093"
},
{
"name": "ADV-2006-4117",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4117"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4926",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061020 [Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449289/100/0/threaded"
},
{
"name": "kaspersky-klinklick-privilege-escalation(29677)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29677"
},
{
"name": "29891",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/29891"
},
{
"name": "20061020 Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/449301/100/0/threaded"
},
{
"name": "http://www.kaspersky.com/technews?id=203038678",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038678"
},
{
"name": "20061020 Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425"
},
{
"name": "22478",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22478"
},
{
"name": "20635",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20635"
},
{
"name": "1017093",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017093"
},
{
"name": "ADV-2006-4117",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4117"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4926",
"datePublished": "2006-10-20T22:00:00",
"dateReserved": "2006-09-22T00:00:00",
"dateUpdated": "2024-08-07T19:32:22.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3663
Vulnerability from cvelistv5
Published
2005-11-18 11:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
| http://securitytracker.com/id?1015224 | vdb-entry, x_refsource_SECTRACK | |
| http://securityreason.com/securityalert/187 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.377Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20051115 Multiple Vendor Insecure Call to CreateProcess() Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=340\u0026type=vulnerabilities"
},
{
"name": "1015224",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015224"
},
{
"name": "187",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/187"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-24T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20051115 Multiple Vendor Insecure Call to CreateProcess() Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=340\u0026type=vulnerabilities"
},
{
"name": "1015224",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015224"
},
{
"name": "187",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/187"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3663",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious \"program.exe\" file in the C: folder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20051115 Multiple Vendor Insecure Call to CreateProcess() Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=340\u0026type=vulnerabilities"
},
{
"name": "1015224",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015224"
},
{
"name": "187",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/187"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3663",
"datePublished": "2005-11-18T11:00:00",
"dateReserved": "2005-11-18T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.377Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0934
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/968818 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/11448 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.124Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0934",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-04T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6408
Vulnerability from cvelistv5
Published
2006-12-10 02:00
Modified
2024-08-07 20:26
Severity ?
EPSS score ?
Summary
Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/21461 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/453654/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.quantenblog.net/security/virus-scanner-bypass | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.061Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6408",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"name": "http://www.quantenblog.net/security/virus-scanner-bypass",
"refsource": "MISC",
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6408",
"datePublished": "2006-12-10T02:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4452
Vulnerability from cvelistv5
Published
2009-12-29 20:15
Modified
2024-08-07 07:01
Severity ?
EPSS score ?
Summary
Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/3573 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1023366 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/37730 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/508508/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.exploit-db.com/exploits/10484 | exploit, x_refsource_EXPLOIT-DB | |
| http://secunia.com/advisories/37398 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1023367 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-3573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3573"
},
{
"name": "1023366",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023366"
},
{
"name": "37730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37730"
},
{
"name": "20091216 Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508508/100/0/threaded"
},
{
"name": "10484",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/10484"
},
{
"name": "37398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37398"
},
{
"name": "1023367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023367"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-3573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3573"
},
{
"name": "1023366",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023366"
},
{
"name": "37730",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37730"
},
{
"name": "20091216 Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508508/100/0/threaded"
},
{
"name": "10484",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/10484"
},
{
"name": "37398",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37398"
},
{
"name": "1023367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023367"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4452",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-3573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3573"
},
{
"name": "1023366",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023366"
},
{
"name": "37730",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37730"
},
{
"name": "20091216 Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508508/100/0/threaded"
},
{
"name": "10484",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/10484"
},
{
"name": "37398",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37398"
},
{
"name": "1023367",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023367"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4452",
"datePublished": "2009-12-29T20:15:00",
"dateReserved": "2009-12-29T00:00:00",
"dateUpdated": "2024-08-07T07:01:20.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0936
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/968818 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/11448 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.229Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0936",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-04T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.229Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0932
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/11448 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.096Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0932",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "11448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0932",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-04T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.096Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0933
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | vdb-entry, x_refsource_XF | |
| http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/11448 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"name": "11448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0933",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-04T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0935
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/968818 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/11448 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.168Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0935",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0935",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-04T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.168Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0937
Vulnerability from cvelistv5
Published
2004-11-19 05:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/968818 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/11448 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:48.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "antivirus-zip-protection-bypass(17761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#968818",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "11448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0937",
"datePublished": "2004-11-19T05:00:00",
"dateReserved": "2004-10-05T00:00:00",
"dateUpdated": "2024-08-08T00:31:48.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1879
Vulnerability from cvelistv5
Published
2007-04-06 00:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112.
References
| ▼ | URL | Tags |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504 | third-party-advisory, x_refsource_IDEFENSE | |
| http://secunia.com/advisories/24778 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1017871 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kaspersky.com/technews?id=203038694 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/1268 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/23325 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33464 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.999Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070404 Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24778"
},
{
"name": "1017871",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017871"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "23325",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23325"
},
{
"name": "kaspersky-startuploading-info-disclosure(33464)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070404 Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24778"
},
{
"name": "1017871",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017871"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "23325",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23325"
},
{
"name": "kaspersky-startuploading-info-disclosure(33464)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1879",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070404 Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504"
},
{
"name": "24778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24778"
},
{
"name": "1017871",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017871"
},
{
"name": "http://www.kaspersky.com/technews?id=203038694",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "23325",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23325"
},
{
"name": "kaspersky-startuploading-info-disclosure(33464)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1879",
"datePublished": "2007-04-06T00:00:00",
"dateReserved": "2007-04-05T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3210
Vulnerability from cvelistv5
Published
2005-10-14 04:00
Modified
2024-08-07 23:01
Severity ?
EPSS score ?
Summary
Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
References
| ▼ | URL | Tags |
|---|---|---|
| http://shadock.net/secubox/AVCraftedArchive.html | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=112879611919750&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:59.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3210",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://shadock.net/secubox/AVCraftedArchive.html",
"refsource": "MISC",
"url": "http://shadock.net/secubox/AVCraftedArchive.html"
},
{
"name": "20051007 Antivirus detection bypass by special crafted archive.",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112879611919750\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3210",
"datePublished": "2005-10-14T04:00:00",
"dateReserved": "2005-10-14T00:00:00",
"dateUpdated": "2024-08-07T23:01:59.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-1096
Vulnerability from cvelistv5
Published
2004-12-01 05:00
Modified
2024-08-08 00:39
Severity ?
EPSS score ?
Summary
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/13038/ | third-party-advisory, x_refsource_SECUNIA | |
| http://www.mandriva.com/security/advisories?name=MDKSA-2004:118 | vendor-advisory, x_refsource_MANDRAKE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | vdb-entry, x_refsource_XF | |
| http://www.kb.cert.org/vuls/id/492545 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.securityfocus.com/bid/11448 | vdb-entry, x_refsource_BID | |
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml | vendor-advisory, x_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.876Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13038",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13038/"
},
{
"name": "MDKSA-2004:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"
},
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#492545",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "GLSA-200410-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-10-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13038",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13038/"
},
{
"name": "MDKSA-2004:118",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"
},
{
"name": "antivirus-zip-protection-bypass(17761)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#492545",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"name": "11448",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "GLSA-200410-31",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13038",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13038/"
},
{
"name": "MDKSA-2004:118",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"
},
{
"name": "antivirus-zip-protection-bypass(17761)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"name": "VU#492545",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"name": "11448",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11448"
},
{
"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "GLSA-200410-31",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1096",
"datePublished": "2004-12-01T05:00:00",
"dateReserved": "2004-11-30T00:00:00",
"dateUpdated": "2024-08-08T00:39:00.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-1905
Vulnerability from cvelistv5
Published
2005-06-08 04:00
Modified
2024-08-07 22:06
Severity ?
EPSS score ?
Summary
The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/13878 | vdb-entry, x_refsource_BID | |
| http://marc.info/?l=bugtraq&m=111817777430401&w=2 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:06:57.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13878",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/13878"
},
{
"name": "20050607 Kaspersky AntiVirus \"klif.sys\" Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111817777430401\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-06-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13878",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/13878"
},
{
"name": "20050607 Kaspersky AntiVirus \"klif.sys\" Privilege Escalation Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111817777430401\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-1905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13878",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/13878"
},
{
"name": "20050607 Kaspersky AntiVirus \"klif.sys\" Privilege Escalation Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111817777430401\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-1905",
"datePublished": "2005-06-08T04:00:00",
"dateReserved": "2005-06-08T00:00:00",
"dateUpdated": "2024-08-07T22:06:57.676Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-2582
Vulnerability from cvelistv5
Published
2005-08-16 04:00
Modified
2024-08-07 22:30
Severity ?
EPSS score ?
Summary
Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=112387573811339&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:30:01.606Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050812 Insecure directory permissions of default installation of Kaspersky",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112387573811339\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050812 Insecure directory permissions of default installation of Kaspersky",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112387573811339\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2582",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050812 Insecure directory permissions of default installation of Kaspersky",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112387573811339\u0026w=2"
},
{
"name": "ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt",
"refsource": "MISC",
"url": "ftp://ftp.aerasec.de/pub/advisories/kav4unix/kav4unix-local-root-exploit.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2582",
"datePublished": "2005-08-16T04:00:00",
"dateReserved": "2005-08-16T00:00:00",
"dateUpdated": "2024-08-07T22:30:01.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5086
Vulnerability from cvelistv5
Published
2007-09-26 10:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, and (7) NtUserBuildHwndList kernel SSDT hooks in kylif.sys; the (8) NtDuplicateObject (DuplicateHandle) kernel SSDT hook; and possibly other kernel SSDT hooks. NOTE: the NtCreateSection vector is covered by CVE-2007-5043.1. NOTE: the vendor disputes that the DuplicateHandle vector is a vulnerability in their code, stating that "it is not an error in our code, but an obscure method for manipulating standard Windows routines to circumvent our self-defense mechanisms."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/3259 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/37990 | vdb-entry, x_refsource_OSVDB | |
| http://www.rootkit.com/newsread.php?newsid=778 | x_refsource_MISC | |
| http://www.kaspersky.com/technews?id=203038706 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/26887 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-3259",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3259"
},
{
"name": "37990",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37990"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rootkit.com/newsread.php?newsid=778"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038706"
},
{
"name": "26887",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26887"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, and (7) NtUserBuildHwndList kernel SSDT hooks in kylif.sys; the (8) NtDuplicateObject (DuplicateHandle) kernel SSDT hook; and possibly other kernel SSDT hooks. NOTE: the NtCreateSection vector is covered by CVE-2007-5043.1. NOTE: the vendor disputes that the DuplicateHandle vector is a vulnerability in their code, stating that \"it is not an error in our code, but an obscure method for manipulating standard Windows routines to circumvent our self-defense mechanisms.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-15T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-3259",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3259"
},
{
"name": "37990",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37990"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rootkit.com/newsread.php?newsid=778"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038706"
},
{
"name": "26887",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26887"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, and (7) NtUserBuildHwndList kernel SSDT hooks in kylif.sys; the (8) NtDuplicateObject (DuplicateHandle) kernel SSDT hook; and possibly other kernel SSDT hooks. NOTE: the NtCreateSection vector is covered by CVE-2007-5043.1. NOTE: the vendor disputes that the DuplicateHandle vector is a vulnerability in their code, stating that \"it is not an error in our code, but an obscure method for manipulating standard Windows routines to circumvent our self-defense mechanisms.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-3259",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3259"
},
{
"name": "37990",
"refsource": "OSVDB",
"url": "http://osvdb.org/37990"
},
{
"name": "http://www.rootkit.com/newsread.php?newsid=778",
"refsource": "MISC",
"url": "http://www.rootkit.com/newsread.php?newsid=778"
},
{
"name": "http://www.kaspersky.com/technews?id=203038706",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038706"
},
{
"name": "26887",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26887"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5086",
"datePublished": "2007-09-26T10:00:00",
"dateReserved": "2007-09-25T00:00:00",
"dateUpdated": "2024-08-07T15:17:28.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1443
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11292 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.459Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kav-device-name-bypass(11292)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11292"
},
{
"name": "20030211 SECURITY.NNOV: Kaspersky Antivirus DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kav-device-name-bypass(11292)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11292"
},
{
"name": "20030211 SECURITY.NNOV: Kaspersky Antivirus DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kav-device-name-bypass(11292)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11292"
},
{
"name": "20030211 SECURITY.NNOV: Kaspersky Antivirus DoS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1443",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.459Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1518
Vulnerability from cvelistv5
Published
2008-06-05 20:21
Modified
2024-08-07 08:24
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1020195 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/1739 | vdb-entry, x_refsource_VUPEN | |
| http://www.kaspersky.com/technews?id=203038727 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/30534 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42849 | vdb-entry, x_refsource_XF | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704 | third-party-advisory, x_refsource_IDEFENSE | |
| http://securitytracker.com/id?1020196 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:42.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1020195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020195"
},
{
"name": "ADV-2008-1739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1739"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038727"
},
{
"name": "30534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30534"
},
{
"name": "kaspersky-internetsecurity-kl1-bo(42849)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42849"
},
{
"name": "20080604 Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704"
},
{
"name": "1020196",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020196"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1020195",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020195"
},
{
"name": "ADV-2008-1739",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1739"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038727"
},
{
"name": "30534",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30534"
},
{
"name": "kaspersky-internetsecurity-kl1-bo(42849)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42849"
},
{
"name": "20080604 Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704"
},
{
"name": "1020196",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020196"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1518",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1020195",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020195"
},
{
"name": "ADV-2008-1739",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1739"
},
{
"name": "http://www.kaspersky.com/technews?id=203038727",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038727"
},
{
"name": "30534",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30534"
},
{
"name": "kaspersky-internetsecurity-kl1-bo(42849)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42849"
},
{
"name": "20080604 Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704"
},
{
"name": "1020196",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020196"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1518",
"datePublished": "2008-06-05T20:21:00",
"dateReserved": "2008-03-25T00:00:00",
"dateUpdated": "2024-08-07T08:24:42.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3376
Vulnerability from cvelistv5
Published
2005-10-29 19:00
Modified
2024-08-07 23:10
Severity ?
EPSS score ?
Summary
Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/15189 | vdb-entry, x_refsource_BID | |
| http://www.securityelf.org/magicbyte.html | x_refsource_MISC | |
| http://www.securityelf.org/magicbyteadv.html | x_refsource_MISC | |
| http://marc.info/?l=bugtraq&m=113026417802703&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityelf.org/updmagic.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:08.380Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "15189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15189"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityelf.org/magicbyte.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityelf.org/magicbyteadv.html"
},
{
"name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityelf.org/updmagic.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "15189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15189"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityelf.org/magicbyte.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityelf.org/magicbyteadv.html"
},
{
"name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityelf.org/updmagic.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "15189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15189"
},
{
"name": "http://www.securityelf.org/magicbyte.html",
"refsource": "MISC",
"url": "http://www.securityelf.org/magicbyte.html"
},
{
"name": "http://www.securityelf.org/magicbyteadv.html",
"refsource": "MISC",
"url": "http://www.securityelf.org/magicbyteadv.html"
},
{
"name": "20051025 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=113026417802703\u0026w=2"
},
{
"name": "http://www.securityelf.org/updmagic.html",
"refsource": "MISC",
"url": "http://www.securityelf.org/updmagic.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3376",
"datePublished": "2005-10-29T19:00:00",
"dateReserved": "2005-10-29T00:00:00",
"dateUpdated": "2024-08-07T23:10:08.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-1091
Vulnerability from cvelistv5
Published
2006-03-09 11:00
Modified
2024-08-07 16:56
Severity ?
EPSS score ?
Summary
Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/426699 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/16942 | vdb-entry, x_refsource_BID | |
| http://securityreason.com/securityalert/535 | third-party-advisory, x_refsource_SREASON | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/25221 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:56:15.635Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060303 Kaspersky Memory/CPU Usage Leak by design",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/426699"
},
{
"name": "16942",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16942"
},
{
"name": "535",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/535"
},
{
"name": "kaspersky-unspecified-dos(25221)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25221"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-03-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060303 Kaspersky Memory/CPU Usage Leak by design",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/426699"
},
{
"name": "16942",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16942"
},
{
"name": "535",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/535"
},
{
"name": "kaspersky-unspecified-dos(25221)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25221"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-1091",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060303 Kaspersky Memory/CPU Usage Leak by design",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/426699"
},
{
"name": "16942",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16942"
},
{
"name": "535",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/535"
},
{
"name": "kaspersky-unspecified-dos(25221)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25221"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-1091",
"datePublished": "2006-03-09T11:00:00",
"dateReserved": "2006-03-09T00:00:00",
"dateUpdated": "2024-08-07T16:56:15.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0449
Vulnerability from cvelistv5
Published
2009-02-05 20:00
Modified
2024-08-07 04:31
Severity ?
EPSS score ?
Summary
Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1 | x_refsource_MISC | |
| http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip | x_refsource_MISC | |
| http://www.securitytracker.com/id?1021661 | vdb-entry, x_refsource_SECTRACK | |
| http://www.wintercore.com/advisories/advisory_W020209.html | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/500606/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/33561 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/33788 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:31:26.233Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=60\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip"
},
{
"name": "1021661",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021661"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.wintercore.com/advisories/advisory_W020209.html"
},
{
"name": "20090202 [Wintercore Research WS02-0209] Kaspersky Products Klim5.sys local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/500606/100/0/threaded"
},
{
"name": "33561",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33561"
},
{
"name": "33788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33788"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-02-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=60\u0026Itemid=1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip"
},
{
"name": "1021661",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021661"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.wintercore.com/advisories/advisory_W020209.html"
},
{
"name": "20090202 [Wintercore Research WS02-0209] Kaspersky Products Klim5.sys local privilege escalation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/500606/100/0/threaded"
},
{
"name": "33561",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33561"
},
{
"name": "33788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33788"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=60\u0026Itemid=1",
"refsource": "MISC",
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=60\u0026Itemid=1"
},
{
"name": "http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip",
"refsource": "MISC",
"url": "http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip"
},
{
"name": "1021661",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021661"
},
{
"name": "http://www.wintercore.com/advisories/advisory_W020209.html",
"refsource": "MISC",
"url": "http://www.wintercore.com/advisories/advisory_W020209.html"
},
{
"name": "20090202 [Wintercore Research WS02-0209] Kaspersky Products Klim5.sys local privilege escalation",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/500606/100/0/threaded"
},
{
"name": "33561",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33561"
},
{
"name": "33788",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33788"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0449",
"datePublished": "2009-02-05T20:00:00",
"dateReserved": "2009-02-05T00:00:00",
"dateUpdated": "2024-08-07T04:31:26.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1112
Vulnerability from cvelistv5
Published
2007-04-06 00:00
Modified
2024-08-07 12:43
Severity ?
EPSS score ?
Summary
Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1017884 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1017885 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/24778 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kaspersky.com/technews?id=203038694 | x_refsource_CONFIRM | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-014.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2007/1268 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/23345 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33464 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/464882/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017884"
},
{
"name": "1017885",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017885"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24778"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-014.html"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "23345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23345"
},
{
"name": "kaspersky-startuploading-info-disclosure(33464)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
},
{
"name": "20070405 ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464882/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to \"download\" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017884",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017884"
},
{
"name": "1017885",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017885"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24778"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-014.html"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "23345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23345"
},
{
"name": "kaspersky-startuploading-info-disclosure(33464)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
},
{
"name": "20070405 ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464882/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to \"download\" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017884",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017884"
},
{
"name": "1017885",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017885"
},
{
"name": "24778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24778"
},
{
"name": "http://www.kaspersky.com/technews?id=203038694",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-014.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-014.html"
},
{
"name": "ADV-2007-1268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "23345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23345"
},
{
"name": "kaspersky-startuploading-info-disclosure(33464)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33464"
},
{
"name": "20070405 ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464882/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1112",
"datePublished": "2007-04-06T00:00:00",
"dateReserved": "2007-02-26T00:00:00",
"dateUpdated": "2024-08-07T12:43:22.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3664
Vulnerability from cvelistv5
Published
2005-11-18 11:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/17130 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/19913 | vdb-entry, x_refsource_OSVDB | |
| http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.osvdb.org/19912 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22564 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/15054 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/17144 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17130"
},
{
"name": "19913",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19913"
},
{
"name": "20051010 Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"name": "19912",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19912"
},
{
"name": "kaspersky-fsecure-chm-bo(22564)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"name": "15054",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15054"
},
{
"name": "17144",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17130"
},
{
"name": "19913",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19913"
},
{
"name": "20051010 Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"name": "19912",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19912"
},
{
"name": "kaspersky-fsecure-chm-bo(22564)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"name": "15054",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15054"
},
{
"name": "17144",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17130"
},
{
"name": "19913",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19913"
},
{
"name": "20051010 Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"name": "19912",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19912"
},
{
"name": "kaspersky-fsecure-chm-bo(22564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"name": "15054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15054"
},
{
"name": "17144",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3664",
"datePublished": "2005-11-18T11:00:00",
"dateReserved": "2005-11-18T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1881
Vulnerability from cvelistv5
Published
2007-04-06 00:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/24778 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.kaspersky.com/technews?id=203038694 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/1268 | vdb-entry, x_refsource_VUPEN | |
| http://www.osvdb.org/33852 | vdb-entry, x_refsource_OSVDB | |
| http://www.kaspersky.com/technews?id=203038693 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.744Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24778"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "33852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/33852"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-04-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24778"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "33852",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/33852"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1881",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24778"
},
{
"name": "http://www.kaspersky.com/technews?id=203038694",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "33852",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33852"
},
{
"name": "http://www.kaspersky.com/technews?id=203038693",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038693"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1881",
"datePublished": "2007-04-06T00:00:00",
"dateReserved": "2007-04-05T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2003-1444
Vulnerability from cvelistv5
Published
2007-10-23 01:00
Modified
2024-08-08 02:28
Severity ?
EPSS score ?
Summary
Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/11291 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:28:03.857Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030211 SECURITY.NNOV: Kaspersky Antivirus DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
},
{
"name": "kav-long-path-dos(11291)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11291"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-02-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030211 SECURITY.NNOV: Kaspersky Antivirus DoS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
},
{
"name": "kav-long-path-dos(11291)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11291"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030211 SECURITY.NNOV: Kaspersky Antivirus DoS",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.html"
},
{
"name": "kav-long-path-dos(11291)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/11291"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1444",
"datePublished": "2007-10-23T01:00:00",
"dateReserved": "2007-10-22T00:00:00",
"dateUpdated": "2024-08-08T02:28:03.857Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0445
Vulnerability from cvelistv5
Published
2007-04-06 00:00
Modified
2024-08-07 12:19
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-07-013.html | x_refsource_MISC | |
| http://secunia.com/advisories/24778 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1017882 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kaspersky.com/technews?id=203038694 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/1268 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/464878/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33489 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/23346 | vdb-entry, x_refsource_BID | |
| http://www.kaspersky.com/technews?id=203038693 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1017883 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.325Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24778"
},
{
"name": "1017882",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017882"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "20070405 ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/464878/100/0/threaded"
},
{
"name": "kaspersky-arj-bo(33489)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33489"
},
{
"name": "23346",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23346"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"name": "1017883",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017883"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24778"
},
{
"name": "1017882",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017882"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "20070405 ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/464878/100/0/threaded"
},
{
"name": "kaspersky-arj-bo(33489)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33489"
},
{
"name": "23346",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23346"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"name": "1017883",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017883"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0445",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-013.html"
},
{
"name": "24778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24778"
},
{
"name": "1017882",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017882"
},
{
"name": "http://www.kaspersky.com/technews?id=203038694",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "20070405 ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/464878/100/0/threaded"
},
{
"name": "kaspersky-arj-bo(33489)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33489"
},
{
"name": "23346",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23346"
},
{
"name": "http://www.kaspersky.com/technews?id=203038693",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038693"
},
{
"name": "1017883",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017883"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0445",
"datePublished": "2007-04-06T00:00:00",
"dateReserved": "2007-01-23T00:00:00",
"dateUpdated": "2024-08-07T12:19:30.325Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1880
Vulnerability from cvelistv5
Published
2007-04-06 00:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/33851 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/23326 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/24778 | third-party-advisory, x_refsource_SECUNIA | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.kaspersky.com/technews?id=203038694 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2007/1268 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1017873 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33460 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1017872 | vdb-entry, x_refsource_SECTRACK | |
| http://www.kaspersky.com/technews?id=203038693 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:41.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "33851",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/33851"
},
{
"name": "23326",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23326"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24778"
},
{
"name": "20070404 Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "1017873",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017873"
},
{
"name": "kaspersky-klif-bo(33460)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33460"
},
{
"name": "1017872",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017872"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned \"data size argument,\" which results in a heap overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "33851",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/33851"
},
{
"name": "23326",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23326"
},
{
"name": "24778",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24778"
},
{
"name": "20070404 Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "1017873",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017873"
},
{
"name": "kaspersky-klif-bo(33460)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33460"
},
{
"name": "1017872",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017872"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038693"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1880",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned \"data size argument,\" which results in a heap overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "33851",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/33851"
},
{
"name": "23326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23326"
},
{
"name": "24778",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24778"
},
{
"name": "20070404 Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505"
},
{
"name": "http://www.kaspersky.com/technews?id=203038694",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038694"
},
{
"name": "ADV-2007-1268",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1268"
},
{
"name": "1017873",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017873"
},
{
"name": "kaspersky-klif-bo(33460)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33460"
},
{
"name": "1017872",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017872"
},
{
"name": "http://www.kaspersky.com/technews?id=203038693",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038693"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1880",
"datePublished": "2007-04-06T00:00:00",
"dateReserved": "2007-04-05T00:00:00",
"dateUpdated": "2024-08-07T13:13:41.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3142
Vulnerability from cvelistv5
Published
2005-10-05 04:00
Modified
2024-08-07 23:01
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2005/1934 | vdb-entry, x_refsource_VUPEN | |
| http://marc.info/?l=bugtraq&m=112837961522571&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/44 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/14998 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/17024/ | third-party-advisory, x_refsource_SECUNIA | |
| http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html | mailing-list, x_refsource_FULLDISC | |
| http://www.osvdb.org/19850 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1014998 | vdb-entry, x_refsource_SECTRACK | |
| http://www.rem0te.com/public/images/kaspersky.pdf | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22497 | vdb-entry, x_refsource_XF | |
| http://www.kaspersky.com/news?id=171512144 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:01:57.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2005-1934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/1934"
},
{
"name": "20051003 Kaspersky Antivirus Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112837961522571\u0026w=2"
},
{
"name": "44",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/44"
},
{
"name": "14998",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/14998"
},
{
"name": "17024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17024/"
},
{
"name": "20051003 Kaspersky Antivirus Library Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html"
},
{
"name": "19850",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19850"
},
{
"name": "1014998",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1014998"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rem0te.com/public/images/kaspersky.pdf"
},
{
"name": "kaspersky-cab-heap-overflow(22497)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22497"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/news?id=171512144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2005-1934",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/1934"
},
{
"name": "20051003 Kaspersky Antivirus Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=112837961522571\u0026w=2"
},
{
"name": "44",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/44"
},
{
"name": "14998",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/14998"
},
{
"name": "17024",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17024/"
},
{
"name": "20051003 Kaspersky Antivirus Library Remote Heap Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html"
},
{
"name": "19850",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19850"
},
{
"name": "1014998",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1014998"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rem0te.com/public/images/kaspersky.pdf"
},
{
"name": "kaspersky-cab-heap-overflow(22497)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22497"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/news?id=171512144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2005-1934",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/1934"
},
{
"name": "20051003 Kaspersky Antivirus Remote Heap Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=112837961522571\u0026w=2"
},
{
"name": "44",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/44"
},
{
"name": "14998",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/14998"
},
{
"name": "17024",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17024/"
},
{
"name": "20051003 Kaspersky Antivirus Library Remote Heap Overflow",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0018.html"
},
{
"name": "19850",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19850"
},
{
"name": "1014998",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1014998"
},
{
"name": "http://www.rem0te.com/public/images/kaspersky.pdf",
"refsource": "MISC",
"url": "http://www.rem0te.com/public/images/kaspersky.pdf"
},
{
"name": "kaspersky-cab-heap-overflow(22497)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22497"
},
{
"name": "http://www.kaspersky.com/news?id=171512144",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/news?id=171512144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3142",
"datePublished": "2005-10-05T04:00:00",
"dateReserved": "2005-10-05T00:00:00",
"dateUpdated": "2024-08-07T23:01:57.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}