CVE-2009-4452 – Kaspersky Lab (Multiple Products) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-4452
Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing an executable or DLL with a Trojan horse. Kaspersky Anti-Virus v5.0 (v5.0.712); Antivirus Personal v5.0.x; Anti-Virus v6.0 (v6.0.3.837), v7 (v7.0.1.325), 2009 (v8.0.0.x), and 2010 (v9.0.0.463); y Internet Security v7 (v7.0.1.325), 2009 (v8.0.0.x), and 2010 (v9.0.0.463); usan permisos débiles (Todo el mundo: Control Total) en el directorio BASES, lo que permite a usuarios locales obtener privilegios de SYSTEM sustituyendo un ejecutable o DLL con un caballo de troya. • https://www.exploit-db.com/exploits/10484 http://secunia.com/advisories/37398 http://secunia.com/advisories/37730 http://www.exploit-db.com/exploits/10484 http://www.securityfocus.com/archive/1/508508/100/0/threaded http://www.securitytracker.com/id?1023366 http://www.securitytracker.com/id?1023367 http://www.vupen.com/english/advisories/2009/3573 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-0449 – Kaspersky (Multiple Products) - 'klim5.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-0449
Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call. Desbordamiento de búfer en klim5.sys de Kaspersky Anti-Virus for Workstations v6.0 y Anti-Virus 2008, permite a usuarios locales obtener privilegios a través de una llamada IOCTL 0x80052110. • https://www.exploit-db.com/exploits/32771 http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip http://secunia.com/advisories/33788 http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1 http://www.securityfocus.com/archive/1/500606/100/0/threaded http://www.securityfocus.com/bid/33561 http://www.securitytracker.com/id?1021661 http://www.wintercore.com/advisories/advisory_W020209.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-1518
https://notcve.org/view.php?id=CVE-2008-1518
Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call. Desbordamiento de búfer basado en pila en kl1.sys en Kaspersky Anti-Virus 6.0 y 7.0, y en Internet Security 6.0 y 7.0, permite a usuarios locales aumentar privilegios a través de una llamada IOCTL 0x800520e8 • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704 http://secunia.com/advisories/30534 http://securitytracker.com/id?1020195 http://securitytracker.com/id?1020196 http://www.kaspersky.com/technews?id=203038727 http://www.vupen.com/english/advisories/2008/1739 https://exchange.xforce.ibmcloud.com/vulnerabilities/42849 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-1881 – Kaspersky AntiVirus 6.0 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2007-1881
Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors. Vulnerabilidad no especificada en KLIF (klif.sys) de Kaspersky Anti-Virus, Anti-Virus para estaciones de trabajo, y Anti-Virus para Servidores de archivos 6.0, e Internet Security 6.0 versiones anteriores a Maintenance Pack 2 build 6.0.2.614 permite a usuarios locales obtener privilegios Ring-0 mediante vectores no especificados. • https://www.exploit-db.com/exploits/3131 http://secunia.com/advisories/24778 http://www.kaspersky.com/technews?id=203038693 http://www.kaspersky.com/technews?id=203038694 http://www.osvdb.org/33852 http://www.vupen.com/english/advisories/2007/1268 •
CVE-2007-1880
https://notcve.org/view.php?id=CVE-2007-1880
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow. Desbordamiento de búfer de entero en la función _NtSetValueKey en klif.sys en Kaspersky Anti-Virus, Anti-Virus para estaciones de trabajo, Anti-Virus para File Server 6.0, e Internet Security 6.0 anterior a Maintenance Pack 2 construcción 6.0.2.614 permite a atacantes dependientes del contexto ejecutar código de su elección a través de un argumento de tamaño de datos no asignado, el cual resulta en un desbordamiento de pila. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505 http://secunia.com/advisories/24778 http://www.kaspersky.com/technews?id=203038693 http://www.kaspersky.com/technews?id=203038694 http://www.osvdb.org/33851 http://www.securityfocus.com/bid/23326 http://www.securitytracker.com/id?1017872 http://www.securitytracker.com/id? •