Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities

EDB-ID:

30192


Platform:

Windows

Published:

2007-06-15

source: http://www.securityfocus.com/bid/24491/info

Kaspersky Internet Security 6 is prone to multiple local vulnerabilities.

Exploiting these vulnerabilities allows local attackers to crash affected computers, denying service to legitimate users. Attackers might also be able to gain elevated privileges by executing arbitrary machine code in the context of the kernel, but this has not been confirmed.

Kaspersky Internet Security 6.0.2.614 and 6.0.2.621 are vulnerable; other versions may also be affected.

NOTE: These issues may be related to BID 23326 (Kaspersky Internet Security Suite Klif.SYS Drive Local Heap Overflow Vulnerability), but this has not been confirmed. If we find that this BID is a duplicate, we will retire it and merge its information into BID 23326.

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/30192.zip