Denial of Service Vulnerability in Kaspersky Internet Security KLIF Driver
CVE-2016-4304

5.5MEDIUM

Key Information:

Vendor

Kaspersky
Status
Internet Security
Vendor
CVE Published:
6 January 2017

What is CVE-2016-4304?

The Kaspersky Internet Security KLIF driver is susceptible to a denial of service vulnerability stemming from its syscall filtering functionality. A specially designed native API call can lead to an access violation exception in the KLIF kernel driver, causing localized denial of service. This can be exploited by an attacker who runs a program from user-mode to trigger this flaw, potentially disrupting services and affecting system reliability.

Affected Version(s)

Internet Security 16.0.0, KLIF driver version 10.0.0.1532

References

http://www.securitytracker.com/id/1036702
vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id/1036703
vdb-entryx_refsource_SECTRACK
http://www.talosintelligence.com/reports/TALOS-2016-0166/
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-4304 : Denial of Service Vulnerability in Kaspersky Internet Security KLIF Driver