CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 1CVE-2006-3074 – Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-3074
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess. klif.sys en Kaspersky Internet Security v6.0 y v7.0, Kaspersky Anti-Virus (KAV) v6.0 y v7.0, KAV v6.0 para Windows Workstations, y KAV v6.0 para Windows Servers no validan de forma adecuada ciertos parámetros de llamadas al sistema "enganchadas" sobre (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, y (12) NtQueryValueKey, lo que permite a usuarios locales provocar una denegación de servicio (reinicio) a través de un parámetro inválido, como se demostró con el parámetro ClientId sobre NtOpenProcess. • https://www.exploit-db.com/exploits/30192 http://secunia.com/advisories/20629 http://secunia.com/advisories/25603 http://uninformed.org/index.cgi?v=4&a=4&p=4 http://uninformed.org/index.cgi?v=4&a=4&p=7 http://www.kaspersky.com/technews?id=203038695 http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15 http://www.rootkit.com/newsread.php? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2006-1091
https://notcve.org/view.php?id=CVE-2006-1091
Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors. • http://securityreason.com/securityalert/535 http://www.securityfocus.com/archive/1/426699 http://www.securityfocus.com/bid/16942 https://exchange.xforce.ibmcloud.com/vulnerabilities/25221 •
CVSS: 7.5EPSS: 13%CPEs: 4EXPL: 0CVE-2005-3664
https://notcve.org/view.php?id=CVE-2005-3664
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file. • http://secunia.com/advisories/17130 http://secunia.com/advisories/17144 http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities http://www.osvdb.org/19912 http://www.osvdb.org/19913 http://www.securityfocus.com/bid/15054 https://exchange.xforce.ibmcloud.com/vulnerabilities/22564 •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3663
https://notcve.org/view.php?id=CVE-2005-3663
Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. • http://securityreason.com/securityalert/187 http://securitytracker.com/id?1015224 http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3376
https://notcve.org/view.php?id=CVE-2005-3376
Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug." • http://marc.info/?l=bugtraq&m=113026417802703&w=2 http://www.securityelf.org/magicbyte.html http://www.securityelf.org/magicbyteadv.html http://www.securityelf.org/updmagic.html http://www.securityfocus.com/bid/15189 •