Search criteria
15 vulnerabilities found for kaspersky_internet_security by kaspersky
FKIE_CVE-2019-15689
Vulnerability from fkie_nvd - Published: 2019-12-02 21:15 - Updated: 2024-11-21 04:29
Severity ?
Summary
Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky | kaspersky_internet_security | 2019 | |
| kaspersky | kaspersky_internet_security | 2019 | |
| kaspersky | kaspersky_internet_security | 2019 | |
| kaspersky | kaspersky_internet_security | 2019 | |
| kaspersky | secure_connection | 3.0 | |
| kaspersky | secure_connection | 4.0 | |
| kaspersky | security_cloud | 2019 | |
| kaspersky | security_cloud | 2019 | |
| kaspersky | security_cloud | 2019 | |
| kaspersky | security_cloud | 2020 | |
| kaspersky | total_security | 2019 | |
| kaspersky | total_security | 2019 | |
| kaspersky | total_security | 2019 | |
| kaspersky | total_security | 2019 | |
| kaspersky | total_security | 2020 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "1C079E9B-80C8-4953-B40E-83971CD43A8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:2019:patch_f:*:*:*:*:*:*",
"matchCriteriaId": "874B5413-7471-4B13-ACD4-6338D55E663F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:2019:patch_i:*:*:*:*:*:*",
"matchCriteriaId": "B5774F5A-D570-45FB-AA39-5DB9EB53CEC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:2019:patch_j:*:*:*:*:*:*",
"matchCriteriaId": "83F454F9-607E-41B4-8FF0-2C42F4D53343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:secure_connection:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B014E16-0F9F-4C3D-A9E3-200E09D88C61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:secure_connection:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A06339D-2176-4F23-B458-68D44F1A5F21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:security_cloud:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "00FFDD70-CB8F-47ED-B8E8-D0CCA55E98DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:security_cloud:2019:patch_i:*:*:*:*:*:*",
"matchCriteriaId": "D338597D-23EA-44D6-8B17-9871530702CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:security_cloud:2019:patch_j:*:*:*:*:*:*",
"matchCriteriaId": "525A49A3-0262-4B70-8C31-9EBDC7CCCBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:security_cloud:2020:-:*:*:*:*:*:*",
"matchCriteriaId": "09AB668A-EE74-42B5-A302-45C6274A78F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:total_security:2019:-:*:*:*:*:*:*",
"matchCriteriaId": "499BDE03-433A-4151-A38E-DAECA64D8648",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:total_security:2019:patch_f:*:*:*:*:*:*",
"matchCriteriaId": "2B132D5E-B498-48E3-A994-F94ABDC8172D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:total_security:2019:patch_i:*:*:*:*:*:*",
"matchCriteriaId": "9975E755-D976-41BC-88C6-751B275CCDE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:total_security:2019:patch_j:*:*:*:*:*:*",
"matchCriteriaId": "CD24AD6C-B8C4-4C3A-80E4-01C4CB67C26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:total_security:2020:*:*:*:*:*:*:*",
"matchCriteriaId": "5E1929ED-827B-456A-B66C-D5BE704C8AE5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products"
},
{
"lang": "es",
"value": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud versiones anteriores a 2020 parche E, presentan un error que permite a un usuario local ejecutar c\u00f3digo arbitrario por medio de un archivo de ejecuci\u00f3n comprometido colocado por parte de un atacante con derechos de administrador. Sin escalada de privilegios. Una posible lista blanca omite algunos de los productos de seguridad"
}
],
"id": "CVE-2019-15689",
"lastModified": "2024-11-21T04:29:15.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-02T21:15:16.733",
"references": [
{
"source": "vulnerability@kaspersky.com",
"tags": [
"Broken Link"
],
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
},
{
"source": "nvd@nist.gov",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://safebreach.com/Post/Kaspersky-Secure-Connection-DLL-Preloading-and-Potential-Abuses-CVE-2019-15689"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory"
],
"url": "https://www.symantec.com/security-center/vulnerabilities/writeup/111033"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
}
],
"sourceIdentifier": "vulnerability@kaspersky.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-5654
Vulnerability from fkie_nvd - Published: 2014-09-09 01:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/218177 | US Government Resource | |
| cret@cert.org | http://www.kb.cert.org/vuls/id/582497 | Third Party Advisory, US Government Resource | |
| cret@cert.org | https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/218177 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/582497 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky | kaspersky_internet_security | 11.4.4.232 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:11.4.4.232:*:*:*:*:android:*:*",
"matchCriteriaId": "080E2C24-6302-4749-8E5E-D25510EC5C50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
},
{
"lang": "es",
"value": "La aplicaci\u00f3n Kaspersky Internet Security 11.4.4.232 (tambi\u00e9n conocido como com.kms.free) para Android no verifica los certificados X.509 de los servidores SSL, lo que permite a atacantes man-in-the-middle falsificar servidores y obtener informaci\u00f3n sensible a trav\u00e9s de un certificado manipulado."
}
],
"id": "CVE-2014-5654",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 5.5,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-09-09T01:55:35.260",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"source": "cret@cert.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"source": "cret@cert.org",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-2966
Vulnerability from fkie_nvd - Published: 2009-08-25 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky | kaspersky_anti-virus | 9.0.0.463 | |
| kaspersky | kaspersky_internet_security | 9.0.0.459 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:9.0.0.463:*:*:*:*:*:*:*",
"matchCriteriaId": "00CDF003-FD3C-4F9D-891A-B624A71A3228",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:9.0.0.459:*:*:*:*:*:*:*",
"matchCriteriaId": "B893210A-8792-4AAD-BA14-D1F740C31B75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot \".\" characters."
},
{
"lang": "es",
"value": "avp.exe en Kaspersky Internet Security v9.0.0.459 y Anti-Virus v9.0.0.463 permite a atacantes remotos producir una denegaci\u00f3n de servicio (consumo de CPU y perdida de conectividad con la red) a trav\u00e9s de una petici\u00f3n de URL HTTP que contiene un gran numero de puntos \".\"."
}
],
"id": "CVE-2009-2966",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-08-25T17:30:01.047",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36405"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"source": "cve@mitre.org",
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/57173"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/36084"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022754"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022755"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/57173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/36084"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-2647
Vulnerability from fkie_nvd - Published: 2009-07-30 19:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to "an external script."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky | kaspersky_anti-virus | 2010 | |
| kaspersky | kaspersky_internet_security | 2010 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "E6CA50F0-B82E-46FB-9CAF-B6B02A77C8D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D7B95D-34B9-4F29-855D-61575B6198F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to \"an external script.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Kaspersky Anti-Virus 2010 y Kaspersky Internet Security 2010 anteriores a Critical Fix v9.0.0.463 permite a los atacantes remotos deshabilitar la aplicaci\u00f3n Kaspersky a trav\u00e9s de un vector de ataque no relacionado a \"una secuencia de comandos externa\"."
}
],
"id": "CVE-2009-2647",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-07-30T19:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/56351"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35978"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kaspersky.com/technews?id=203038755"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35789"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/56351"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.kaspersky.com/technews?id=203038755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-3074
Vulnerability from fkie_nvd - Published: 2006-06-19 10:02 - Updated: 2025-04-03 01:03
Severity ?
Summary
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kaspersky | kaspersky_anti-virus | 6.0 | |
| kaspersky | kaspersky_anti-virus | 7.0 | |
| kaspersky | kaspersky_internet_security | 6.0 | |
| kaspersky | kaspersky_internet_security | 7.0 | |
| kaspersky | kaspersky_anti-virus | 6.0 | |
| microsoft | windows | * | |
| microsoft | windows_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8015458-2645-482D-A0D3-B08B73655E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A85D0F7D-B2F5-49D2-9CA8-1B02A4A72872",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "016D3A82-25B8-433E-B159-DC8EBBF68733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF832371-8A92-4FF6-BB6E-AECB2E5CE7E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8015458-2645-482D-A0D3-B08B73655E06",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA0CCC0-F2BE-4AF8-844E-CEA1B276792D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess."
},
{
"lang": "es",
"value": "klif.sys en Kaspersky Internet Security v6.0 y v7.0, Kaspersky Anti-Virus (KAV) v6.0 y v7.0, KAV v6.0 para Windows Workstations, y KAV v6.0 para Windows Servers no validan de forma adecuada ciertos par\u00e1metros de llamadas al sistema \"enganchadas\" sobre (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, y (12) NtQueryValueKey, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (reinicio) a trav\u00e9s de un par\u00e1metro inv\u00e1lido, como se demostr\u00f3 con el par\u00e1metro ClientId sobre NtOpenProcess."
}
],
"id": "CVE-2006-3074",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-19T10:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20629"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25603"
},
{
"source": "cve@mitre.org",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"source": "cve@mitre.org",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"source": "cve@mitre.org",
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"source": "cve@mitre.org",
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"source": "cve@mitre.org",
"url": "http://www.rootkit.com/newsread.php?newsid=726"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18341"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24491"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018257"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.rootkit.com/newsread.php?newsid=726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18341"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-15689 (GCVE-0-2019-15689)
Vulnerability from cvelistv5 – Published: 2019-12-02 20:43 – Updated: 2024-08-05 00:56
VLAI?
Summary
Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products
Severity ?
No CVSS data available.
CWE
- Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky | Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud |
Affected:
prior to version 2020 patch E
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud",
"vendor": "Kaspersky",
"versions": [
{
"status": "affected",
"version": "prior to version 2020 patch E"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-02T20:43:52",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2019-15689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud",
"version": {
"version_data": [
{
"version_value": "prior to version 2020 patch E"
}
]
}
}
]
},
"vendor_name": "Kaspersky"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219",
"refsource": "CONFIRM",
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-15689",
"datePublished": "2019-12-02T20:43:52",
"dateReserved": "2019-08-27T00:00:00",
"dateUpdated": "2024-08-05T00:56:22.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5654 (GCVE-0-2014-5654)
Vulnerability from cvelistv5 – Published: 2014-09-09 01:00 – Updated: 2024-08-06 11:48
VLAI?
Summary
The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:48:50.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#218177",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-09T01:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#218177",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#218177",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-5654",
"datePublished": "2014-09-09T01:00:00",
"dateReserved": "2014-08-30T00:00:00",
"dateUpdated": "2024-08-06T11:48:50.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2966 (GCVE-0-2009-2966)
Vulnerability from cvelistv5 – Published: 2009-08-25 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36405"
},
{
"name": "57173",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/57173"
},
{
"name": "20090819 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"name": "36084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36084"
},
{
"name": "1022754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022754"
},
{
"name": "1022755",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022755"
},
{
"name": "20090818 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"name": "kaspersky-antivirus-internet-http-dos(52571)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot \".\" characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36405"
},
{
"name": "57173",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/57173"
},
{
"name": "20090819 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"name": "36084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36084"
},
{
"name": "1022754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022754"
},
{
"name": "1022755",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022755"
},
{
"name": "20090818 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"name": "kaspersky-antivirus-internet-http-dos(52571)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot \".\" characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36405",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36405"
},
{
"name": "57173",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/57173"
},
{
"name": "20090819 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"name": "36084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36084"
},
{
"name": "1022754",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022754"
},
{
"name": "1022755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022755"
},
{
"name": "20090818 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"name": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077",
"refsource": "MISC",
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"name": "kaspersky-antivirus-internet-http-dos(52571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2966",
"datePublished": "2009-08-25T17:00:00",
"dateReserved": "2009-08-25T00:00:00",
"dateUpdated": "2024-08-07T06:07:37.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2647 (GCVE-0-2009-2647)
Vulnerability from cvelistv5 – Published: 2009-07-30 19:00 – Updated: 2024-08-07 05:59
VLAI?
Summary
Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to "an external script."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kaspersky-av-is-sec-bypass(51986)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
},
{
"name": "35789",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35789"
},
{
"name": "56351",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/56351"
},
{
"name": "ADV-2009-1998",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"name": "35978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35978"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038755"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to \"an external script.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kaspersky-av-is-sec-bypass(51986)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
},
{
"name": "35789",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35789"
},
{
"name": "56351",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/56351"
},
{
"name": "ADV-2009-1998",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"name": "35978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35978"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038755"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to \"an external script.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kaspersky-av-is-sec-bypass(51986)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
},
{
"name": "35789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35789"
},
{
"name": "56351",
"refsource": "OSVDB",
"url": "http://osvdb.org/56351"
},
{
"name": "ADV-2009-1998",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"name": "35978",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35978"
},
{
"name": "http://www.kaspersky.com/technews?id=203038755",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038755"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2647",
"datePublished": "2009-07-30T19:00:00",
"dateReserved": "2009-07-30T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3074 (GCVE-0-2006-3074)
Vulnerability from cvelistv5 – Published: 2006-06-19 10:00 – Updated: 2024-08-07 18:16
VLAI?
Summary
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:05.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kaspersky-klif-dos(27104)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"name": "kaspersky-multiple-klif-dos(34875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
},
{
"name": "18341",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18341"
},
{
"name": "1018257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018257"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"name": "ADV-2007-2145",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"name": "24491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24491"
},
{
"name": "ADV-2006-2333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"name": "25603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25603"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"name": "20070615 Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20629"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rootkit.com/newsread.php?newsid=726"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kaspersky-klif-dos(27104)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"name": "kaspersky-multiple-klif-dos(34875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
},
{
"name": "18341",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18341"
},
{
"name": "1018257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018257"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"name": "ADV-2007-2145",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"name": "24491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24491"
},
{
"name": "ADV-2006-2333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"name": "25603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25603"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"name": "20070615 Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20629"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rootkit.com/newsread.php?newsid=726"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kaspersky-klif-dos(27104)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"name": "kaspersky-multiple-klif-dos(34875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
},
{
"name": "18341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18341"
},
{
"name": "1018257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018257"
},
{
"name": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4",
"refsource": "MISC",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"name": "ADV-2007-2145",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"name": "24491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24491"
},
{
"name": "ADV-2006-2333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"name": "http://www.kaspersky.com/technews?id=203038695",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"name": "25603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25603"
},
{
"name": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15",
"refsource": "MISC",
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"name": "20070615 Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"name": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20629"
},
{
"name": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7",
"refsource": "MISC",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"name": "http://www.rootkit.com/newsread.php?newsid=726",
"refsource": "MISC",
"url": "http://www.rootkit.com/newsread.php?newsid=726"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3074",
"datePublished": "2006-06-19T10:00:00",
"dateReserved": "2006-06-19T00:00:00",
"dateUpdated": "2024-08-07T18:16:05.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-15689 (GCVE-0-2019-15689)
Vulnerability from nvd – Published: 2019-12-02 20:43 – Updated: 2024-08-05 00:56
VLAI?
Summary
Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products
Severity ?
No CVSS data available.
CWE
- Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Kaspersky | Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud |
Affected:
prior to version 2020 patch E
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T00:56:22.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud",
"vendor": "Kaspersky",
"versions": [
{
"status": "affected",
"version": "prior to version 2020 patch E"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Bypass",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-02T20:43:52",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2019-15689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud",
"version": {
"version_data": [
{
"version_value": "prior to version 2020 patch E"
}
]
}
}
]
},
"vendor_name": "Kaspersky"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Bypass"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219",
"refsource": "CONFIRM",
"url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#021219"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-15689",
"datePublished": "2019-12-02T20:43:52",
"dateReserved": "2019-08-27T00:00:00",
"dateUpdated": "2024-08-05T00:56:22.341Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-5654 (GCVE-0-2014-5654)
Vulnerability from nvd – Published: 2014-09-09 01:00 – Updated: 2024-08-06 11:48
VLAI?
Summary
The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:48:50.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#218177",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-09-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-09T01:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#218177",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"name": "VU#582497",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-5654",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#218177",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/218177"
},
{
"name": "VU#582497",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/582497"
},
{
"name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing",
"refsource": "MISC",
"url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-5654",
"datePublished": "2014-09-09T01:00:00",
"dateReserved": "2014-08-30T00:00:00",
"dateUpdated": "2024-08-06T11:48:50.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2966 (GCVE-0-2009-2966)
Vulnerability from nvd – Published: 2009-08-25 17:00 – Updated: 2024-08-07 06:07
VLAI?
Summary
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:37.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36405"
},
{
"name": "57173",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/57173"
},
{
"name": "20090819 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES",
"x_transferred"
],
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"name": "36084",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36084"
},
{
"name": "1022754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022754"
},
{
"name": "1022755",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022755"
},
{
"name": "20090818 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"name": "kaspersky-antivirus-internet-http-dos(52571)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot \".\" characters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36405",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36405"
},
{
"name": "57173",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/57173"
},
{
"name": "20090819 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"third-party-advisory",
"x_refsource_SREASONRES"
],
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"name": "36084",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36084"
},
{
"name": "1022754",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022754"
},
{
"name": "1022755",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022755"
},
{
"name": "20090818 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"name": "kaspersky-antivirus-internet-http-dos(52571)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot \".\" characters."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36405",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36405"
},
{
"name": "57173",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/57173"
},
{
"name": "20090819 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"refsource": "SREASONRES",
"url": "http://securityreason.com/achievement_securityalert/66"
},
{
"name": "36084",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36084"
},
{
"name": "1022754",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022754"
},
{
"name": "1022755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022755"
},
{
"name": "20090818 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-08/0252.html"
},
{
"name": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077",
"refsource": "MISC",
"url": "http://www.h-online.com/security/Kaspersky-confirm-and-close-DoS-vulnerability--/news/114077"
},
{
"name": "kaspersky-antivirus-internet-http-dos(52571)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52571"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2966",
"datePublished": "2009-08-25T17:00:00",
"dateReserved": "2009-08-25T00:00:00",
"dateUpdated": "2024-08-07T06:07:37.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-2647 (GCVE-0-2009-2647)
Vulnerability from nvd – Published: 2009-07-30 19:00 – Updated: 2024-08-07 05:59
VLAI?
Summary
Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to "an external script."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kaspersky-av-is-sec-bypass(51986)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
},
{
"name": "35789",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35789"
},
{
"name": "56351",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/56351"
},
{
"name": "ADV-2009-1998",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"name": "35978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35978"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038755"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-07-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to \"an external script.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kaspersky-av-is-sec-bypass(51986)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
},
{
"name": "35789",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35789"
},
{
"name": "56351",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/56351"
},
{
"name": "ADV-2009-1998",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"name": "35978",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35978"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038755"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to \"an external script.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kaspersky-av-is-sec-bypass(51986)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51986"
},
{
"name": "35789",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35789"
},
{
"name": "56351",
"refsource": "OSVDB",
"url": "http://osvdb.org/56351"
},
{
"name": "ADV-2009-1998",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1998"
},
{
"name": "35978",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35978"
},
{
"name": "http://www.kaspersky.com/technews?id=203038755",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038755"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2647",
"datePublished": "2009-07-30T19:00:00",
"dateReserved": "2009-07-30T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-3074 (GCVE-0-2006-3074)
Vulnerability from nvd – Published: 2006-06-19 10:00 – Updated: 2024-08-07 18:16
VLAI?
Summary
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:16:05.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "kaspersky-klif-dos(27104)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"name": "kaspersky-multiple-klif-dos(34875)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
},
{
"name": "18341",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18341"
},
{
"name": "1018257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018257"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"name": "ADV-2007-2145",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"name": "24491",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24491"
},
{
"name": "ADV-2006-2333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"name": "25603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25603"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"name": "20070615 Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20629"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.rootkit.com/newsread.php?newsid=726"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "kaspersky-klif-dos(27104)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"name": "kaspersky-multiple-klif-dos(34875)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
},
{
"name": "18341",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18341"
},
{
"name": "1018257",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018257"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"name": "ADV-2007-2145",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"name": "24491",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24491"
},
{
"name": "ADV-2006-2333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"name": "25603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25603"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"name": "20070615 Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20629",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20629"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.rootkit.com/newsread.php?newsid=726"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "kaspersky-klif-dos(27104)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104"
},
{
"name": "kaspersky-multiple-klif-dos(34875)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875"
},
{
"name": "18341",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18341"
},
{
"name": "1018257",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018257"
},
{
"name": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4",
"refsource": "MISC",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=4"
},
{
"name": "ADV-2007-2145",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2145"
},
{
"name": "24491",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24491"
},
{
"name": "ADV-2006-2333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2333"
},
{
"name": "http://www.kaspersky.com/technews?id=203038695",
"refsource": "CONFIRM",
"url": "http://www.kaspersky.com/technews?id=203038695"
},
{
"name": "25603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25603"
},
{
"name": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15",
"refsource": "MISC",
"url": "http://www.rootkit.com/board.php?did=edge726\u0026closed=0\u0026lastx=15"
},
{
"name": "20070615 Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded"
},
{
"name": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"refsource": "MISC",
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php"
},
{
"name": "20629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20629"
},
{
"name": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7",
"refsource": "MISC",
"url": "http://uninformed.org/index.cgi?v=4\u0026a=4\u0026p=7"
},
{
"name": "http://www.rootkit.com/newsread.php?newsid=726",
"refsource": "MISC",
"url": "http://www.rootkit.com/newsread.php?newsid=726"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3074",
"datePublished": "2006-06-19T10:00:00",
"dateReserved": "2006-06-19T00:00:00",
"dateUpdated": "2024-08-07T18:16:05.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}