Local Code Execution Vulnerability in Kaspersky Labs Anti-Virus Products
CVE-2006-4926

Currently unrated

Key Information:

Vendor

kaspersky
Status
Kaspersky Anti-virus Personal Pro
Kaspersky Anti-virus Personal
Kaspersky Anti-virus
Kaspersky Internet Security
Vendor
CVE Published:
20 October 2006

What is CVE-2006-4926?

The NDIS-TDI Hooking Engine utilized by Kaspersky Labs Anti-Virus and possibly other security products contains a vulnerability that permits local users to execute arbitrary code. This flaw arises from the handling of crafted IRP structures containing invalid addresses during the execution of a specific IOCTL command (0x80052110), potentially leading to elevated privileges and unauthorized access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/449289/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://exchange.xforce.ibmcloud.com/vulnerabilities/29677
vdb-entryx_refsource_XF
http://www.osvdb.org/29891
vdb-entryx_refsource_OSVDB

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.