Описание
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.
Ссылки
- ExploitTechnical DescriptionThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- ExploitTechnical DescriptionThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:kaspersky:anti-virus:16.0.0.614:*:*:*:*:*:*:*
cpe:2.3:a:kaspersky:internet_security:16.0.0.614:*:*:*:*:*:*:*
cpe:2.3:a:kaspersky:total_security:16.0.0.614:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00053
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.
EPSS
Процентиль: 17%
0.00053
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-20