CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2009-2647
https://notcve.org/view.php?id=CVE-2009-2647
Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to "an external script." Vulnerabilidad no especificada en Kaspersky Anti-Virus 2010 y Kaspersky Internet Security 2010 anteriores a Critical Fix v9.0.0.463 permite a los atacantes remotos deshabilitar la aplicación Kaspersky a través de un vector de ataque no relacionado a "una secuencia de comandos externa". • http://osvdb.org/56351 http://secunia.com/advisories/35978 http://www.kaspersky.com/technews?id=203038755 http://www.securityfocus.com/bid/35789 http://www.vupen.com/english/advisories/2009/1998 https://exchange.xforce.ibmcloud.com/vulnerabilities/51986 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0449 – Kaspersky (Multiple Products) - 'klim5.sys' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-0449
Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call. Desbordamiento de búfer en klim5.sys de Kaspersky Anti-Virus for Workstations v6.0 y Anti-Virus 2008, permite a usuarios locales obtener privilegios a través de una llamada IOCTL 0x80052110. • https://www.exploit-db.com/exploits/32771 http://kartoffel.reversemode.com/downloads/kaspersky_klim5_plugin.zip http://secunia.com/advisories/33788 http://www.reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1 http://www.securityfocus.com/archive/1/500606/100/0/threaded http://www.securityfocus.com/bid/33561 http://www.securitytracker.com/id?1021661 http://www.wintercore.com/advisories/advisory_W020209.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2008-1518
https://notcve.org/view.php?id=CVE-2008-1518
Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call. Desbordamiento de búfer basado en pila en kl1.sys en Kaspersky Anti-Virus 6.0 y 7.0, y en Internet Security 6.0 y 7.0, permite a usuarios locales aumentar privilegios a través de una llamada IOCTL 0x800520e8 • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=704 http://secunia.com/advisories/30534 http://securitytracker.com/id?1020195 http://securitytracker.com/id?1020196 http://www.kaspersky.com/technews?id=203038727 http://www.vupen.com/english/advisories/2008/1739 https://exchange.xforce.ibmcloud.com/vulnerabilities/42849 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 1CVE-2007-5086
https://notcve.org/view.php?id=CVE-2007-5086
Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, and (7) NtUserBuildHwndList kernel SSDT hooks in kylif.sys; the (8) NtDuplicateObject (DuplicateHandle) kernel SSDT hook; and possibly other kernel SSDT hooks. NOTE: the NtCreateSection vector is covered by CVE-2007-5043.1. NOTE: the vendor disputes that the DuplicateHandle vector is a vulnerability in their code, stating that "it is not an error in our code, but an obscure method for manipulating standard Windows routines to circumvent our self-defense mechanisms." Kaspersky Anti-Virus (KAV) y Internet Security 7.0 construcción 125 no valida de forma adecuada ciertos parámetros en System Service Descriptor Table (SSDT) y manejadores de función Shadow SSDT, lo cual permite a usuarios locales provocar denegación de servicio (caida) a través de (1) NtUserSendInput, (2) LoadLibraryA, (3) NtOpenProcess, (4) NtOpenThread, (5) NtTerminateProcess, (6) NtUserFindWindowEx, y (7) NtUserBuildHwndList kernel SSDT enganchado en kylif.sys; el gancho(8) kernel NtDuplicateObject (DuplicateHandle) SSDT. NOTA: el vendededor cuestiona que el vector DuplicateHandle es una vulnerabilidad en su código, basándose en que "no es un error de nuestro código, pero un método oscuro para la manipulación estandar de las rutinas de windows sortea nuestros mecanismos de autodefensa". • http://osvdb.org/37990 http://secunia.com/advisories/26887 http://www.kaspersky.com/technews?id=203038706 http://www.rootkit.com/newsread.php?newsid=778 http://www.vupen.com/english/advisories/2007/3259 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3906
https://notcve.org/view.php?id=CVE-2007-3906
Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow attackers to cause a denial of service (kernel hang) via unspecified vectors. NOTE: it is not clear whether there is an attacker role. Vulnerabilidad sin especificar en el Anti-Virus Kaspersky para el Check Point FireWall-1 anterior al Critical Fix 1 (5.5.161.0) puede permitir a atacantes provocar una denegación de servicio (cuelgue del kernel) a través de vectores sin especificar. NOTA: no está claro si existe un rol de atacante. • http://osvdb.org/36127 http://secunia.com/advisories/26064 http://support.kaspersky.com/checkpoint?qid=208279464 http://www.securityfocus.com/bid/24932 http://www.vupen.com/english/advisories/2007/2561 https://exchange.xforce.ibmcloud.com/vulnerabilities/35454 •