CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2010-5164
https://notcve.org/view.php?id=CVE-2010-5164
25 Aug 2012 — Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted pro... • http://archives.neohapsis.com/archives/bugtraq/2010-05/0026.html • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2012-0321
https://notcve.org/view.php?id=CVE-2012-0321
02 Mar 2012 — Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application. Vulnerabilidad sin especificar en el controlador Kingsoft Internet Security 2011 permite a atacantes remotos provocar una denegación de servicio a través de una aplicación modificada. • http://jvn.jp/en/jp/JVN31517714/index.html •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 3CVE-2011-0515 – Kingsoft AntiVirus 2011 SP5.2 'KisKrnl.sys' 2011.1.13.89 - Local Kernel Mode Denial of Service
https://notcve.org/view.php?id=CVE-2011-0515
20 Jan 2011 — KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash) via a crafted request that is not properly handled by the KiFastCallEntry hook. KisKrnl.sys v2011.1.13.89 y anteriores en Kingsoft AntiVirus 2011 SP5.2 permite a usuarios locales provocar una denegación de servicio (caída) a través de una petición modificada que no es manejada adecuadamente por el hook (enganche) KiFastCallEntry. • https://www.exploit-db.com/exploits/15998 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3CVE-2010-3396 – Kingsoft AntiVirus 2010.04.26.648 - Kernel Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-3396
15 Sep 2010 — Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en kavfm.sys de Kingsoft Antivirus 2010.04.26.648 y anteriores permite a los usuarios locales ejecutar código a su elección a través de argumentos largos a IOCTL 0x80030004. NOTA: Algunos de estos detalles han sido obtenidos de fuentes de terceros. • https://www.exploit-db.com/exploits/14987 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 3CVE-2010-2031 – Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-2031
24 May 2010 — KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device. KAVSafe.sys v2010.4.14.609 y versiones anteriores, tal como se utiliza en Kingsoft Webshield v3.5.1.2 y anteriores, permite a usuarios locales sobreescribir la memoria del kernel de forma arbitraria a través de una petición modificada a IOCTL 0x830020d4 en el dispositivo KAVSafe. • https://www.exploit-db.com/exploits/12710 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 9%CPEs: 1EXPL: 2CVE-2008-1307 – KingSoft - 'UpdateOcx2.dll SetUninstallName()' Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-1307
12 Mar 2008 — Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method. Desbordamiento de búfer basado en montículo en el control KUpdateObj2 Class ActiveX de UpdateOcx2.dll en Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 pemrite a atacantes remotos ejecutar código de su elección a través de un argumento largo a ... • https://www.exploit-db.com/exploits/5225 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 2CVE-2004-1494
https://notcve.org/view.php?id=CVE-2004-1494
31 Dec 2004 — Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028241.html •