7.2
CVE-2006-4926
- EPSS 1.26%
- Veröffentlicht 20.10.2006 22:07:00
- Zuletzt bearbeitet 16.06.2026 22:30:09
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Kaspersky Lab ≫ Kaspersky Anti-virus Version5.0 Editionwindows_workstations
Kaspersky Lab ≫ Kaspersky Anti-virus Version6.0 Editionworkstations
Kaspersky Lab ≫ Kaspersky Anti-virus Personal Version5.0
Kaspersky Lab ≫ Kaspersky Anti-virus Personal Pro Version5.0
Kaspersky Lab ≫ Kaspersky Internet Security Version6.0 Updatemaintenance_pack_2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.26% | 0.657 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425
http://secunia.com/advisories/22478
http://securitytracker.com/id?1017093
http://www.kaspersky.com/technews?id=203038678
http://www.osvdb.org/29891
http://www.securityfocus.com/archive/1/449289/100/0/threaded
http://www.securityfocus.com/archive/1/449301/100/0/threaded
http://www.securityfocus.com/bid/20635
http://www.vupen.com/english/advisories/2006/4117
https://exchange.xforce.ibmcloud.com/vulnerabilities/29677