General : Kaspersky Internet Security < 17.0.0.611 Multiple Vulnerabilities

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.810514

Kategorie: General

Titel: Kaspersky Internet Security < 17.0.0.611 Multiple Vulnerabilities

Zusammenfassung: Kaspersky Internet Security is prone to multiple denial of; service (DoS) and information disclosure vulnerabilities.

Beschreibung: Summary:
Kaspersky Internet Security is prone to multiple denial of
service (DoS) and information disclosure vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An error in the 'syscall filtering' functionality of 'KLIF driver'.

- An error in the 'IOCTL handling' functionality 'KL1 driver'.

- An error in various 'IOCTL handlers' of the 'KLDISK driver'. Specially crafted IOCTL requests
can cause the driver to return out-of-bounds kernel memory.

- An error in 'window broadcast message handling' functionality.

Vulnerability Impact:
Successful exploitation would allow remote attackers to cause
application termination, bypass protection mechanism and obtain sensitive information.

Affected Software/OS:
Kaspersky Internet Security version 16.0.0.614 and prior.

Solution:
Update to version 17.0.0.611 or later.

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Querverweis: BugTraq ID: 92771
BugTraq ID: 92639
BugTraq ID: 92657
BugTraq ID: 92683
Common Vulnerability Exposure (CVE) ID: CVE-2016-4329
http://www.securityfocus.com/bid/92771
http://www.talosintelligence.com/reports/TALOS-2016-0175/
Common Vulnerability Exposure (CVE) ID: CVE-2016-4305
http://www.talosintelligence.com/reports/TALOS-2016-0167/
http://www.securitytracker.com/id/1036702
http://www.securitytracker.com/id/1036703
Common Vulnerability Exposure (CVE) ID: CVE-2016-4306
http://www.talosintelligence.com/reports/TALOS-2016-0168/
Common Vulnerability Exposure (CVE) ID: CVE-2016-4307
http://www.talosintelligence.com/reports/TALOS-2016-0169/
Common Vulnerability Exposure (CVE) ID: CVE-2016-4304
http://www.talosintelligence.com/reports/TALOS-2016-0166/

Copyright Copyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.810514
Kategorie:	General
Titel:	Kaspersky Internet Security < 17.0.0.611 Multiple Vulnerabilities
Zusammenfassung:	Kaspersky Internet Security is prone to multiple denial of; service (DoS) and information disclosure vulnerabilities.
Beschreibung:	Summary: Kaspersky Internet Security is prone to multiple denial of service (DoS) and information disclosure vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An error in the 'syscall filtering' functionality of 'KLIF driver'. - An error in the 'IOCTL handling' functionality 'KL1 driver'. - An error in various 'IOCTL handlers' of the 'KLDISK driver'. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory. - An error in 'window broadcast message handling' functionality. Vulnerability Impact: Successful exploitation would allow remote attackers to cause application termination, bypass protection mechanism and obtain sensitive information. Affected Software/OS: Kaspersky Internet Security version 16.0.0.614 and prior. Solution: Update to version 17.0.0.611 or later. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	BugTraq ID: 92771 BugTraq ID: 92639 BugTraq ID: 92657 BugTraq ID: 92683 Common Vulnerability Exposure (CVE) ID: CVE-2016-4329 http://www.securityfocus.com/bid/92771 http://www.talosintelligence.com/reports/TALOS-2016-0175/ Common Vulnerability Exposure (CVE) ID: CVE-2016-4305 http://www.talosintelligence.com/reports/TALOS-2016-0167/ http://www.securitytracker.com/id/1036702 http://www.securitytracker.com/id/1036703 Common Vulnerability Exposure (CVE) ID: CVE-2016-4306 http://www.talosintelligence.com/reports/TALOS-2016-0168/ Common Vulnerability Exposure (CVE) ID: CVE-2016-4307 http://www.talosintelligence.com/reports/TALOS-2016-0169/ Common Vulnerability Exposure (CVE) ID: CVE-2016-4304 http://www.talosintelligence.com/reports/TALOS-2016-0166/
Copyright	Copyright (C) 2017 Greenbone Networks GmbH