RSS   Podatności dla 'Kaspersky internet security'   RSS

2019-12-02
 
CVE-2019-15689

CWE-668
 

 
Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Security Cloud prior to version 2020 patch E have bug that allows a local user to execute arbitrary code via execution compromised file placed by an attacker with administrator rights. No privilege escalation. Possible whitelisting bypass some of the security products

 
2017-08-25
 
CVE-2017-12817

CWE-311
 

 
In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted.

 
 
CVE-2017-12816

CWE-732
 

 
In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality by using Android IPC.

 
2014-09-08
 
CVE-2014-5654

CWE-310
 

 
The Kaspersky Internet Security (aka com.kms.free) application 11.4.4.232 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

 
2009-08-25
 
CVE-2009-2966

CWE-399
 

 
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters.

 
2009-07-30
 
CVE-2009-2647

CWE-noinfo
 

 
Unspecified vulnerability in Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010 before Critical Fix 9.0.0.463 allows remote attackers to disable the Kaspersky application via unknown attack vectors unrelated to "an external script."

 
2006-06-19
 
CVE-2006-3074

CWE-119
 

 
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.

 

 >>> Vendor: Kaspersky 25 Produkty
Kaspersky anti-virus
Kaspersky internet security
Kaspersky anti-virus scanner
Kaspersky online scanner
Kaspersky internet security 2010
Total security 2015
Safe browser
Internet security
Total security
Anti-virus
Anti-virus for linux server
Embedded systems security
Secure mail gateway
Free anti-virus
Small office security
Protection
Security cloud
Secure connection
Vpn secure connection
Virus removal tool
Anti-ransomware tool
Tinycheck
Endpoint security
Rescue disk
Password manager


Copyright 2021, cxsecurity.com

 

Back to Top