Vulnerability Name: | CVE-2016-4305 (CCN-116373)
Assigned: | 2016-08-26
Published: | 2016-08-26
Updated: | 2017-08-13
Summary: | A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native API call can cause an access violation in the KLIF kernel driver, resulting in local denial of service. An attacker can run a program from user mode to trigger this vulnerability.
CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)
5.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
5.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C)
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P)
Vulnerability Type: | CWE-284
Vulnerability Consequences: | Denial of Service
References: |
Source: MITRE Type: CNA CVE-2016-4305
Source: Miscellaneous Type: Third Party Advisory, VDB Entry http://securitytracker.com/id/1036702
Source: CCN Type: Kaspersky Web Site Kaspersky Internet Security
Source: SECTRACK Type: UNKNOWN 1036702
Source: SECTRACK Type: UNKNOWN 1036703
Source: CCN Type: Talos Vulnerability Report TALOS-2016-0167 Kaspersky Internet Security KLIF Driver NtAdjustTokenPrivileges_HANDLER Denial of Service
Source: MISC Type: Exploit, Technical Description, Third Party Advisory, VDB Entry http://www.talosintelligence.com/reports/TALOS-2016-0167/
Source: XF Type: UNKNOWN kaspersky-cve20164305-dos(116373)
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable