The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Kaspersky Anti-Virus

vulnerability CVE-2019-8286

Kaspersky Anti-Virus: information disclosure via Unique Product ID

Synthesis of the vulnerability

An attacker can bypass access restrictions to data via Unique Product ID of Kaspersky Anti-Virus, in order to obtain sensitive information.
Impacted products: Kaspersky AV.
Severity: 2/4.
Consequences: data reading.
Provenance: internet server.
Creation date: 11/07/2019.
Identifiers: CVE-2019-8286, VIGILANCE-VUL-29750.

Description of the vulnerability

An attacker can bypass access restrictions to data via Unique Product ID of Kaspersky Anti-Virus, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-9810 CVE-2017-9811 CVE-2017-9812

Kaspersky Anti-Virus for Linux File Server: privilege escalation via Web Console

Synthesis of the vulnerability

An attacker can bypass restrictions via Web Console of Kaspersky Anti-Virus for Linux File Server, in order to escalate his privileges.
Impacted products: Kaspersky AV.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 4.
Creation date: 28/06/2017.
Revision date: 29/06/2017.
Identifiers: CORE-2017-0003, CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813, VIGILANCE-VUL-23095.

Description of the vulnerability

An attacker can bypass restrictions via Web Console of Kaspersky Anti-Virus for Linux File Server, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability note 21484

Kaspersky Anti-Virus: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Kaspersky Anti-Virus.
Impacted products: Kaspersky AV.
Severity: 2/4.
Consequences: data reading, data creation/edition.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 29/12/2016.
Revision date: 04/01/2017.
Identifiers: 978, 989, VIGILANCE-VUL-21484.

Description of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.

An attacker can bypass file access restrictions, in order to obtain sensitive information. [severity:2/4]

An attacker can act as a Man-in-the-Middle, in order to read or write data in the session. [severity:2/4]

An attacker can act as a Man-in-the-Middle, in order to read or write data in the session. [severity:2/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2016-4329

Kaspersky Anti-Virus: denial of service via Window Messages

Synthesis of the vulnerability

An attacker can generate a fatal error via Window Messages of Kaspersky Anti-Virus, in order to trigger a denial of service.
Impacted products: Kaspersky AV.
Severity: 1/4.
Consequences: denial of service on service, denial of service on client.
Provenance: user shell.
Creation date: 05/09/2016.
Identifiers: CVE-2016-4329, TALOS-2016-0175, VIGILANCE-VUL-20515.

Description of the vulnerability

An attacker can generate a fatal error via Window Messages of Kaspersky Anti-Virus, in order to trigger a denial of service.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2016-4304 CVE-2016-4305 CVE-2016-4306

Kaspersky Anti-Virus: four vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Kaspersky Anti-Virus.
Impacted products: Kaspersky AV.
Severity: 2/4.
Consequences: data reading, denial of service on client.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 4.
Creation date: 26/08/2016.
Identifiers: CVE-2016-4304, CVE-2016-4305, CVE-2016-4306, CVE-2016-4307, TALOS-2016-0166, TALOS-2016-0167, TALOS-2016-0168, TALOS-2016-0169, VIGILANCE-VUL-20477.

Description of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.

An attacker can trigger a fatal error in NtUserCreateWindowEx_HANDLER, in order to trigger a denial of service. [severity:1/4; CVE-2016-4304, TALOS-2016-0166]

An attacker can trigger a fatal error in NtUserCreateWindowEx_HANDLER, in order to trigger a denial of service. [severity:1/4; CVE-2016-4305, TALOS-2016-0167]

An attacker can force a read at an invalid address, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-4306, TALOS-2016-0168]

An attacker can force a read at an invalid address via a driver, in order to trigger a denial of service, or to obtain sensitive information. [severity:2/4; CVE-2016-4307, TALOS-2016-0169]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2015-8691

Kaspersky Anti-Virus: privilege escalation via Driver Write

Synthesis of the vulnerability

A local attacker can use a driver of Kaspersky Anti-Virus, in order to escalate his privileges.
Impacted products: Kaspersky AV.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, data creation/edition.
Provenance: user shell.
Creation date: 15/03/2016.
Identifiers: CVE-2015-8691, VIGILANCE-VUL-19173.

Description of the vulnerability

The Kaspersky Anti-Virus product uses several drivers.

However, a local attacker can force one of these drivers to create a file.

A local attacker can therefore use a driver of Kaspersky Anti-Virus, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)

vulnerability announce 18672

Kaspersky Anti-Virus, Endpoint: memory corruption via RAR/ZIP

Synthesis of the vulnerability

An attacker can generate a memory corruption via a RAR/ZIP archive on Kaspersky Anti-Virus or Kaspersky Endpoint Security, in order to trigger a denial of service, and possibly to run code.
Impacted products: Kaspersky AV.
Severity: 3/4.
Consequences: user access/rights, denial of service on service, denial of service on client.
Provenance: document.
Creation date: 11/01/2016.
Identifiers: VIGILANCE-VUL-18672.

Description of the vulnerability

The Kaspersky Anti-Virus or Kaspersky Endpoint Security product analyzes RAR and ZIP archives.

However, a malformed RAR or ZIP archive corrupts the memory. This vulnerability was initially announced in VIGILANCE-VUL-18317 for ZIP and Kaspersky Anti-Virus only.

An attacker can therefore generate a memory corruption via a RAR/ZIP archive on Kaspersky Anti-Virus or Kaspersky Endpoint Security, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert 18671

Windows: code execution during application installation

Synthesis of the vulnerability

An attacker can invite the victim to download malicious libraries on Windows, in order to run code during the installation of an application requiring these DLL.
Impacted products: 7-Zip, ZoneAlarm, FileZilla Server, GIMP, Chrome, Kaspersky AV, Windows 10, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, Windows Vista, Opera, Panda AV, Panda Internet Security, PuTTY, OfficeScan, TrueCrypt, VLC.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: document.
Creation date: 11/01/2016.
Identifiers: sk110055, VIGILANCE-VUL-18671.

Description of the vulnerability

When a user installs a new application on Windows, he downloads the installation program (install.exe for example), and then runs it.

However, several installation programs load DLL (for example graph.dll) from the current directory. So, if an attacker invited the victim to download a malicious graph.dll file, before he runs install.exe from the Download directory, the code located in the DLL is run.

See also the bulletin VIGILANCE-VUL-19558 for other impacted products.

An attacker can therefore invite the victim to download malicious libraries on Windows, in order to run code during the installation of an application requiring these DLL.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce 18317

Kaspersky Anti-Virus: three vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.
Impacted products: Kaspersky AV.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 17/11/2015.
Revision date: 15/12/2015.
Identifiers: VIGILANCE-VUL-18317.

Description of the vulnerability

Several vulnerabilities were announced in Kaspersky Anti-Virus.

An attacker can use a certificate name containing "../", in order to force the antivirus to create a file outside the certificate storage directory. [severity:2/4]

An attacker can bypass security features in ACL, in order to escalate his privileges. [severity:3/4]

An attacker can force the usage of a freed memory area with a ZIP file, in order to trigger a denial of service, and possibly to run code. [severity:3/4]
Full Vigil@nce bulletin... (Free trial)

vulnerability 18530

Kaspersky Anti-Virus: directory traversal of Virtual Keyboard GetGraphics

Synthesis of the vulnerability

An attacker can traverse directories in Virtual Keyboard of Kaspersky Anti-Virus, in order to read a file outside the service root path.
Impacted products: Kaspersky AV.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 15/12/2015.
Identifiers: VIGILANCE-VUL-18530.

Description of the vulnerability

The Kaspersky Anti-Virus product offers an Virtual Keyboard ActiveX.

However, user's data are directly inserted in an access path by GetGraphics(). Sequences such as "/.." can thus be used to go in the upper directory.

An attacker can therefore traverse directories in Virtual Keyboard of Kaspersky Anti-Virus, in order to read a file outside the service root path.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Kaspersky Anti-Virus: