CVE-2006-3074

Published: Jun 19, 2006Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.

Affected (4)

Products: Kaspersky: Kaspersky Anti Virus, Kaspersky Internet Security

2 products

Kaspersky Anti Virus

Kaspersky Internet Security

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Kaspersky Kaspersky Anti Virus	Version 7.0
Kaspersky Kaspersky Internet Security	Version 6.0
Kaspersky Kaspersky Internet Security	Version 7.0

Configuration B

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Kaspersky Kaspersky Anti Virus	Version 6.0

Running on/with	Platform Versions
Microsoft Windows	All versions
Microsoft Windows Server	All versions

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (32)

http://secunia.com/advisories/20629

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/25603

Source: cve@mitre.org

Vendor Advisory

http://uninformed.org/index.cgi?v=4&a=4&p=4

Source: cve@mitre.org

http://uninformed.org/index.cgi?v=4&a=4&p=7

Source: cve@mitre.org

http://www.kaspersky.com/technews?id=203038695

Source: cve@mitre.org

http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

Source: cve@mitre.org

http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15

Source: cve@mitre.org

http://www.rootkit.com/newsread.php?newsid=726

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/471453/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18341

Source: cve@mitre.org

http://www.securityfocus.com/bid/24491

Source: cve@mitre.org

http://www.securitytracker.com/id?1018257

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2333

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2007/2145

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27104

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34875

Source: cve@mitre.org

http://secunia.com/advisories/20629

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/25603

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://uninformed.org/index.cgi?v=4&a=4&p=4

Source: af854a3a-2127-422b-91ae-364da2661108

http://uninformed.org/index.cgi?v=4&a=4&p=7

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kaspersky.com/technews?id=203038695

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.rootkit.com/newsread.php?newsid=726

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/471453/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/18341

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/24491

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1018257

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/2333

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2007/2145

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/27104

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/34875

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.