CVE-2017-16557

Published: Jan 16, 2018Modified: Nov 21, 2024

7.0

Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.0 / Impact: 5.9

Source: NVD

Description

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.

Affected (7)

Products: K7computing: Antivirus, Endpoint, Internet Security, Total Security, Ultimate Security

5 products

Internet Security

Ultimate Security

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
K7computing Antivirus	Before 15.1.0308
K7computing Antivirus	Before 15.1.0.53
K7computing Endpoint	Before 14.2.0137
K7computing Internet Security	Before 15.1.0297
K7computing Total Security	Before 15.1.0324
K7computing Total Security	Before 16.0.0131
K7computing Ultimate Security	Before 15.1.0324

Related CWEs

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (2)

https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017

Source: cve@mitre.org

Vendor Advisory

https://support.k7computing.com/index.php?/selfhelp/view-article/3rd-Advisory-issued-on-6th-November-2017

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.