Denial of Service Vulnerability in Kaspersky Products
CVE-2006-3074

Currently unrated

Key Information:

Vendor: Kaspersky
Status: Kaspersky Anti-virus; Kaspersky Internet Security
Vendor: CVE Published:; 19 June 2006

What is CVE-2006-3074?

A vulnerability exists in the klif.sys driver used by various Kaspersky security products, which fails to properly validate input parameters for multiple system calls. Local users may exploit this weakness by passing invalid parameters, leading to a denial of service condition that could cause the system to reboot unexpectedly. This vulnerability affects users of Kaspersky Internet Security and Anti-Virus versions 6.0 and 7.0, as well as associated KAV 6.0 products.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/27104

vdb-entryx_refsource_XF

https://exchange.xforce.ibmcloud.com/vulnerabilities/34875

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/18341

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2006
Vulnerability Reserved
Jun 19, 2006