Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-1905LAB Kaspersky Anti-virus vulnerability

4 documents4 sources
Severity
7.2HIGHNVD
EPSS
0.1%
top 64.75%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Kaspersky LAB Kaspersky Anti-virusKaspersky LAB Kaspersky Anti-virus Personal
Timeline
PublishedJun 9
Latest updateMay 1

Description

The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages2 packages

NVDkaspersky_lab/kaspersky_anti-virus5.0.227, 5.0.228, 5.0.335+2
NVDkaspersky_lab/kaspersky_anti-virus_personal5.0.227, 5.0.228, 5.0.325+2

🔴Vulnerability Details

2
GHSA
GHSA-fc4q-fgrg-whcw: The klif2022-05-01
CVEList
CVE-2005-1905: The klif2005-06-08

💥Exploits & PoCs

1
Exploit-DB
Kaspersky AntiVirus - 'klif.sys' Local Privilege Escalation2005-06-07
CVE-2005-1905 — LAB Kaspersky Anti-virus vulnerability | cvebase