CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-12817
https://notcve.org/view.php?id=CVE-2017-12817
25 Aug 2017 — In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted. En Kaspersky Internet Security para Android 11.12.4.1622, algunos de los archivos de seguimiento de aplicación no estaban cifrados. • http://www.securityfocus.com/bid/100504 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-4304
https://notcve.org/view.php?id=CVE-2016-4304
06 Jan 2017 — A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native api call request can cause a access violation exception in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to trigger this vulnerability. Existe una vulnerabilidad de denegación de servicio en la funcionalidad de filtrado syscall del controlador de Kaspersky Internet Security KLIF. Una petición de llamad... • http://securitytracker.com/id/1036702 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-4305
https://notcve.org/view.php?id=CVE-2016-4305
06 Jan 2017 — A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A specially crafted native api call can cause a access violation in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to trigger this vulnerability. Existe una vulnerabilidad de denegación de servicio en la funcionalidad de filtrado syscall filtering del controlador Kaspersky Internet Security KLIF. Una llamada api nativa especialmente ... • http://securitytracker.com/id/1036702 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-4307
https://notcve.org/view.php?id=CVE-2016-4307
06 Jan 2017 — A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability. Existe una vulnerabilidad de denegación de servicio en la funcionalidad de manejo IOCTL del controlador Kaspersky Internet Security KL1. Una señal IOCTL especialmente manipulada puede pro... • http://securitytracker.com/id/1036702 • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2016-4329
https://notcve.org/view.php?id=CVE-2016-4329
06 Jan 2017 — A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism. Existe una vulnerabilidad local de denegación de servicio en la funcionalidad de manejo de mensajes de difusión de ventanas del software Kaspersky Anti-Virus. Enviando ciertos mensajes de ventana no manipulados, un atacante puede pro... • http://www.securityfocus.com/bid/92771 • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5654
https://notcve.org/view.php?id=CVE-2014-5654
09 Sep 2014 — The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. La aplicación Kaspersky Internet Security 11.4.4.232 (también conocido como com.kms.free) para Android no verifica los certificados X.509 de los servidores SSL, lo que permite a atacantes man-in-the-middle falsificar servidores y obtener información sensi... • http://www.kb.cert.org/vuls/id/218177 • CWE-310: Cryptographic Issues •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2010-5163
https://notcve.org/view.php?id=CVE-2010-5163
25 Aug 2012 — Race condition in Kaspersky Internet Security 2010 9.0.0.736 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program ... • http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 56%CPEs: 36EXPL: 0CVE-2012-1443
https://notcve.org/view.php?id=CVE-2012-1443
21 Mar 2012 — The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky An... • http://osvdb.org/80454 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 91%CPEs: 35EXPL: 0CVE-2012-1459
https://notcve.org/view.php?id=CVE-2012-1459
21 Mar 2012 — The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, ... • http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.2EPSS: 11%CPEs: 10EXPL: 0CVE-2012-1462
https://notcve.org/view.php?id=CVE-2012-1462
21 Mar 2012 — The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file cont... • http://www.ieee-security.org/TC/SP2012/program.html • CWE-264: Permissions, Privileges, and Access Controls •