Kaspersky Lab Kaspersky Anti-Virus Personal vulnerabilities

5 known vulnerabilities affecting kaspersky_lab/kaspersky_anti-virus_personal.

Total CVEs
5
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH3MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2009-4452MEDIUMCVSS 6.8PoCv5.0v5.0.227+2 more2009-12-29
CVE-2009-4452 [MEDIUM] CWE-264 CVE-2009-4452: Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.3 Kaspersky Anti-Virus 5.0 (5.0.712); Antivirus Personal 5.0.x; Anti-Virus 6.0 (6.0.3.837), 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); and Internet Security 7 (7.0.1.325), 2009 (8.0.0.x), and 2010 (9.0.0.463); use weak permissions (Everyone:Full Control) for the BASES directory, which allows local users to gain SYSTEM privileges by replacing a
nvd
CVE-2006-4926HIGHCVSS 7.2PoCv5.02006-10-20
CVE-2006-4926 [HIGH] CVE-2006-4926: The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device dri The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.
nvd
CVE-2005-3664HIGHCVSS 7.5v5.0.2272005-11-18
CVE-2005-3664 [HIGH] CVE-2005-3664: Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, An Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
nvd
CVE-2005-3142CRITICALCVSS 10.0v5.02005-10-05
CVE-2005-3142 [CRITICAL] CVE-2005-3142: Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1. Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.
nvd
CVE-2005-1905HIGHCVSS 7.2PoCv5.0.227v5.0.228+1 more2005-06-09
CVE-2005-1905 [HIGH] CVE-2005-1905: The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allow The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.
nvd