CVE-2006-3074

Kaspersky Internet Security/KAV <7.0 - Local Privilege Escalation

Title source: llm

Description

klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Matousec Transparent security · textlocalwindows

https://www.exploit-db.com/exploits/30192

View Code ZIP pw:eip

References (16)

Core 16

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/27104

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/34875

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/18341

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1018257

Various Sources x_refsource_misc

http://uninformed.org/index.cgi?v=4&a=4&p=4

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2007/2145

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/24491

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/2333

Various Sources x_refsource_confirm

http://www.kaspersky.com/technews?id=203038695

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/25603

Various Sources x_refsource_misc

http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/471453/100/0/threaded

Various Sources x_refsource_misc

http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20629

Various Sources x_refsource_misc

http://uninformed.org/index.cgi?v=4&a=4&p=7

Various Sources x_refsource_misc

http://www.rootkit.com/newsread.php?newsid=726

Scores

EPSS 0.0405

EPSS Percentile 88.6%

Details

CWE

CWE-119

Status published

Products (4)

kaspersky/kaspersky_anti-virus 6.0

kaspersky/kaspersky_anti-virus 7.0

kaspersky/kaspersky_internet_security 6.0

kaspersky/kaspersky_internet_security 7.0

Published Jun 19, 2006

Tracked Since Feb 18, 2026