RSS   Vulnerabilities for 'Total security'   RSS

2019-07-18
 
CVE-2019-8286

CWE-200
 

 
Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security versions up to 2019 could potentially disclose unique Product ID by forcing victim to visit a specially crafted webpage (for example, via clicking phishing link). Vulnerability has CVSS v3.0 base score 2.6

 
2017-01-06
 
CVE-2016-4329

 

 
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.

 
 
CVE-2016-4306

 

 
Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses that may be useful in bypassing kernel mitigations. An unprivileged user can run a program from user-mode to trigger this vulnerability.

 

 >>> Vendor: Kaspersky 15 Products
Kaspersky anti-virus
Kaspersky internet security
Kaspersky anti-virus scanner
Kaspersky online scanner
Kaspersky internet security 2010
Total security 2015
Safe browser
Internet security
Total security
Anti-virus
Anti-virus for linux server
Embedded systems security
Secure mail gateway
Free anti-virus
Small office security


Copyright 2019, cxsecurity.com

 

Back to Top