CVE-2006-3074

Description

klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.

Related CPE's

Could not find any relations

References

http://uninformed.org/index.cgi?v=4&a=4&p=4

20629

Vendor Advisory

http://uninformed.org/index.cgi?v=4&a=4&p=7

http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15

http://www.rootkit.com/newsread.php?newsid=726

http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

http://www.kaspersky.com/technews?id=203038695

18341

24491

1018257

25603

Vendor Advisory

ADV-2006-2333

Vendor Advisory

ADV-2007-2145

Vendor Advisory

kaspersky-multiple-klif-dos(34875)

kaspersky-klif-dos(27104)

20070615 Kaspersky Multiple insufficient argument validation of hooked SSDT function Vulnerability

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:P

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

NONE

AvailabilityImpact

PARTIAL

BaseScore

5

Created by Yello
About Severity.io