CVE-2010-3396 – Kingsoft AntiVirus 2010.04.26.648 - Kernel Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-3396
Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer en kavfm.sys de Kingsoft Antivirus 2010.04.26.648 y anteriores permite a los usuarios locales ejecutar código a su elección a través de argumentos largos a IOCTL 0x80030004. NOTA: Algunos de estos detalles han sido obtenidos de fuentes de terceros. • https://www.exploit-db.com/exploits/14987 http://secunia.com/advisories/41393 http://www.exploit-db.com/exploits/14987 http://www.securityfocus.com/bid/43173 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6650 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-2031 – Kingsoft Webshield 'KAVSafe.sys' 2010.4.14.609 (2010.5.23) - Kernel Mode Privilege Escalation
https://notcve.org/view.php?id=CVE-2010-2031
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device. KAVSafe.sys v2010.4.14.609 y versiones anteriores, tal como se utiliza en Kingsoft Webshield v3.5.1.2 y anteriores, permite a usuarios locales sobreescribir la memoria del kernel de forma arbitraria a través de una petición modificada a IOCTL 0x830020d4 en el dispositivo KAVSafe. • https://www.exploit-db.com/exploits/12710 http://secunia.com/advisories/39916 http://www.exploit-db.com/exploits/12710 http://www.securityfocus.com/bid/40342 https://exchange.xforce.ibmcloud.com/vulnerabilities/58780 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-1307 – KingSoft - 'UpdateOcx2.dll SetUninstallName()' Heap Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-1307
Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method. Desbordamiento de búfer basado en montículo en el control KUpdateObj2 Class ActiveX de UpdateOcx2.dll en Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 pemrite a atacantes remotos ejecutar código de su elección a través de un argumento largo a el método SetUninstallName. • https://www.exploit-db.com/exploits/5225 http://secunia.com/advisories/29204 http://www.securityfocus.com/bid/28172 http://www.vupen.com/english/advisories/2008/0857/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41088 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2004-1494
https://notcve.org/view.php?id=CVE-2004-1494
Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/028241.html http://marc.info/?l=bugtraq&m=109933696831725&w=2 http://secway.org/Advisory/Ad20041026EN.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/17929 •