cbcvebase.
CVE-2006-4926
published 2006-10-20

CVE-2006-4926: The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303…

PriorityP434high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.26%
65.9th percentile
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.

Affected

5 ranges
VendorProductVersion rangeFixed in
kaspersky_labkaspersky_anti-virus
kaspersky_labkaspersky_anti-virus
kaspersky_labkaspersky_anti-virus_personal
kaspersky_labkaspersky_anti-virus_personal_pro
kaspersky_labkaspersky_internet_security
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.