CVE-2016-4329
MEDIUMKaspersky Anti-Virus - Local Denial of Service via Window Broadcast Message Handling
Title source: llmDescription
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92771
Exploit, Technical Description, Third Party Advisory, VDB Entry x_refsource_misc
http://www.talosintelligence.com/reports/TALOS-2016-0175/
Third Party Advisory, VDB Entry
http://www.securityfocus.com/bid/92771/info
Vendor Advisory
https://support.kaspersky.com/vulnerability.aspx?el=12430#010916
Scores
CVSS v3
5.5
EPSS
0.0057
EPSS Percentile
43.3%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (4)
kaspersky/anti-virus
16.0.0.614
kaspersky/internet_security
16.0.0.614
Kaspersky/Total Security
16.0.0.614
kaspersky/total_security
16.0.0.614
Published
Jan 06, 2017
Tracked Since
Feb 18, 2026