The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Kaspersky AV

security bulletin CVE-2017-9810 CVE-2017-9811 CVE-2017-9812

Kaspersky Anti-Virus for Linux File Server: privilege escalation via Web Console

Synthesis of the vulnerability

An attacker can bypass restrictions via Web Console of Kaspersky Anti-Virus for Linux File Server, in order to escalate his privileges.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 28/06/2017.
Revision date: 29/06/2017.
Identifiers: CORE-2017-0003, CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813, VIGILANCE-VUL-23095.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can bypass restrictions via Web Console of Kaspersky Anti-Virus for Linux File Server, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

threat note 21484

Kaspersky Anti-Virus: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Kaspersky Anti-Virus.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 29/12/2016.
Revision date: 04/01/2017.
Identifiers: 978, 989, VIGILANCE-VUL-21484.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.

An attacker can bypass file access restrictions, in order to obtain sensitive information. [severity:2/4]

An attacker can act as a Man-in-the-Middle, in order to read or write data in the session. [severity:2/4]

An attacker can act as a Man-in-the-Middle, in order to read or write data in the session. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-4329

Kaspersky Anti-Virus: denial of service via Window Messages

Synthesis of the vulnerability

An attacker can generate a fatal error via Window Messages of Kaspersky Anti-Virus, in order to trigger a denial of service.
Severity: 1/4.
Creation date: 05/09/2016.
Identifiers: CVE-2016-4329, TALOS-2016-0175, VIGILANCE-VUL-20515.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can generate a fatal error via Window Messages of Kaspersky Anti-Virus, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer weakness CVE-2016-4304 CVE-2016-4305 CVE-2016-4306

Kaspersky Anti-Virus: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Kaspersky Anti-Virus.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 4.
Creation date: 26/08/2016.
Identifiers: CVE-2016-4304, CVE-2016-4305, CVE-2016-4306, CVE-2016-4307, TALOS-2016-0166, TALOS-2016-0167, TALOS-2016-0168, TALOS-2016-0169, VIGILANCE-VUL-20477.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.

An attacker can trigger a fatal error in NtUserCreateWindowEx_HANDLER, in order to trigger a denial of service. [severity:1/4; CVE-2016-4304, TALOS-2016-0166]

An attacker can trigger a fatal error in NtUserCreateWindowEx_HANDLER, in order to trigger a denial of service. [severity:1/4; CVE-2016-4305, TALOS-2016-0167]

An attacker can force a read at an invalid address, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-4306, TALOS-2016-0168]

An attacker can force a read at an invalid address via a driver, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-4307, TALOS-2016-0169]
Full Vigil@nce bulletin... (Free trial)

security threat CVE-2015-8691

Kaspersky Anti-Virus: privilege escalation via Driver Write

Synthesis of the vulnerability

A local attacker can use a driver of Kaspersky Anti-Virus, in order to escalate his privileges.
Severity: 2/4.
Creation date: 15/03/2016.
Identifiers: CVE-2015-8691, VIGILANCE-VUL-19173.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Kaspersky Anti-Virus product uses several drivers.

However, a local attacker can force one of these drivers to create a file.

A local attacker can therefore use a driver of Kaspersky Anti-Virus, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

cybersecurity alert 18672

Kaspersky Anti-Virus, Endpoint: memory corruption via RAR/ZIP

Synthesis of the vulnerability

An attacker can generate a memory corruption via a RAR/ZIP archive on Kaspersky Anti-Virus or Kaspersky Endpoint Security, in order to trigger a denial of service, and possibly to run code.
Severity: 3/4.
Creation date: 11/01/2016.
Identifiers: VIGILANCE-VUL-18672.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Kaspersky Anti-Virus or Kaspersky Endpoint Security product analyzes RAR and ZIP archives.

However, a malformed RAR or ZIP archive corrupts the memory. This vulnerability was initially announced in VIGILANCE-VUL-18317 for ZIP and Kaspersky Anti-Virus only.

An attacker can therefore generate a memory corruption via a RAR/ZIP archive on Kaspersky Anti-Virus or Kaspersky Endpoint Security, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

cybersecurity note 18671

Windows: code execution during application installation

Synthesis of the vulnerability

An attacker can invite the victim to download malicious libraries on Windows, in order to run code during the installation of an application requiring these DLL.
Severity: 2/4.
Creation date: 11/01/2016.
Identifiers: sk110055, VIGILANCE-VUL-18671.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

When a user installs a new application on Windows, he downloads the installation program (install.exe for example), and then runs it.

However, several installation programs load DLL (for example graph.dll) from the current directory. So, if an attacker invited the victim to download a malicious graph.dll file, before he runs install.exe from the Download directory, the code located in the DLL is run.

See also the bulletin VIGILANCE-VUL-19558 for other impacted products.

An attacker can therefore invite the victim to download malicious libraries on Windows, in order to run code during the installation of an application requiring these DLL.
Full Vigil@nce bulletin... (Free trial)

threat announce 18317

Kaspersky Anti-Virus: three vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.
Severity: 3/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 17/11/2015.
Revision date: 15/12/2015.
Identifiers: VIGILANCE-VUL-18317.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.

An attacker can use a certificate name containing "../", in order to force the antivirus to create a file outside the certificate storage directory. [severity:2/4]

An attacker can bypass security features in ACL, in order to escalate his privileges. [severity:3/4]

An attacker can force the usage of a freed memory area with a ZIP file, in order to trigger a denial of service, and possibly to run code. [severity:3/4]
Full Vigil@nce bulletin... (Free trial)

computer weakness alert 18530

Kaspersky Anti-Virus: directory traversal of Virtual Keyboard GetGraphics

Synthesis of the vulnerability

An attacker can traverse directories in Virtual Keyboard of Kaspersky Anti-Virus, in order to read a file outside the service root path.
Severity: 2/4.
Creation date: 15/12/2015.
Identifiers: VIGILANCE-VUL-18530.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

The Kaspersky Anti-Virus product offers an Virtual Keyboard ActiveX.

However, user's data are directly inserted in an access path by GetGraphics(). Sequences such as "/.." can thus be used to go in the upper directory.

An attacker can therefore traverse directories in Virtual Keyboard of Kaspersky Anti-Virus, in order to read a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)

weakness 18015

Kaspersky Anti-Virus, Endpoint Security: two vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus and Endpoint Security.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 01/10/2015.
Identifiers: SYSS-2015-001, SYSS-2015-002, SYSS-2015-009, SYSS-2015-010, VIGILANCE-VUL-18015.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus and Endpoint Security.

An attacker can bypass security features in avp.exe, in order to escalate his privileges. [severity:2/4; SYSS-2015-001, SYSS-2015-009]

An attacker can perform an unsalted MD5 brute-force, in order to obtain administrator's password. [severity:1/4; SYSS-2015-002, SYSS-2015-010]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Kaspersky AV: