7.2

CVE-2006-4926

Exploit
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Kaspersky LabKaspersky Anti-virus Version5.0 Editionwindows_workstations
Kaspersky LabKaspersky Anti-virus Version6.0 Editionworkstations
Kaspersky LabKaspersky Internet Security Version6.0 Updatemaintenance_pack_2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.26% 0.657
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425
Patch
Vendor Advisory
http://secunia.com/advisories/22478
Patch
Vendor Advisory
http://securitytracker.com/id?1017093
Patch
Exploit
http://www.kaspersky.com/technews?id=203038678
Patch
http://www.osvdb.org/29891
Patch
Exploit
http://www.securityfocus.com/archive/1/449289/100/0/threaded
http://www.securityfocus.com/archive/1/449301/100/0/threaded
http://www.securityfocus.com/bid/20635
Patch
Exploit
http://www.vupen.com/english/advisories/2006/4117
https://exchange.xforce.ibmcloud.com/vulnerabilities/29677