5.5

CVE-2016-4304

Exploit
A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native api call request can cause a access violation exception in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to trigger this vulnerability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
KasperskyInternet Security Version16.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.49% 0.384
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www.securitytracker.com/id/1036702
http://www.securitytracker.com/id/1036703
http://www.talosintelligence.com/reports/TALOS-2016-0166/
Third Party Advisory
Exploit
VDB Entry
Technical Description
http://securitytracker.com/id/1036702
Third Party Advisory
VDB Entry