Vulnerability CVE-2015-8579

Vulnerability Name:

CVE-2015-8579 (CCN-109163)

Assigned:

2015-12-08

Published:

2015-12-08

Updated:

2016-11-28

Summary:

Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.4 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-264

Vulnerability Consequences:

Bypass Security

References:

Source: MISC
Type: UNKNOWN
http://blog.ensilo.com/the-av-vulnerability-that-bypasses-mitigations

Source: MISC
Type: Exploit
http://breakingmalware.com/vulnerabilities/sedating-watchdog-abusing-security-products-bypass-mitigations/

Source: MITRE
Type: CNA
CVE-2015-8579

Source: CCN
Type: Kaspersky Web site
Total Security 2015

Source: BID
Type: UNKNOWN
78815

Source: CCN
Type: BID-78815
Multiple Kaspersky Products Local Security Bypass Vulnerability

Source: XF
Type: UNKNOWN
kaspersky-cve20158579-sec-bypass(109163)

Vulnerable Configuration:

Configuration 1:

cpe:/a:kaspersky:total_security_2015:15.0.2.361:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:kaspersky:total_security_2015:15.0.2.361:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK