Kaspersky (Multiple Products) - 'klim5.sys' Local Privilege Escalation

EDB-ID:

32771




Platform:

Windows

Date:

2009-02-02


source: https://www.securityfocus.com/bid/33561/info

Multiple Kaspersky products are prone to a local privilege-escalation vulnerability because the applications fail to perform adequate boundary checks on user-supplied data.

A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

This issue affects versions in the following product groups:

Kaspersky AV 2008
Kaspersky AV for WorkStations 6.0 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/32771.zip