Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCertccCVE-2016-4329
HistoryJan 06, 2017 - 9:59 p.m.

CVE-2016-4329

2017-01-0621:59:01
CWE-20
certcc
web.nvd.nist.gov
23
cve-2016-4329
denial of service
kaspersky anti-virus
vulnerability
nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

JSON

A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.

Affected configurations

Nvd
Node
kasperskyanti-virusMatch16.0.0.614
OR
kasperskyinternet_securityMatch16.0.0.614
OR
kasperskytotal_securityMatch16.0.0.614
VendorProductVersionCPE
kasperskyanti-virus16.0.0.614cpe:2.3:a:kaspersky:anti-virus:16.0.0.614:*:*:*:*:*:*:*
kasperskyinternet_security16.0.0.614cpe:2.3:a:kaspersky:internet_security:16.0.0.614:*:*:*:*:*:*:*
kasperskytotal_security16.0.0.614cpe:2.3:a:kaspersky:total_security:16.0.0.614:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Total Security",
    "vendor": "Kaspersky",
    "versions": [
      {
        "status": "affected",
        "version": "16.0.0.614"
      }
    ]
  }
]

Related

cvelist 1
prion 1
nvd 1
seebug 1
kaspersky 1
talos 1
openvas 3
cvelist
cvelist
CVE-2016-4329
2017-01-06 21:00:00
prion
prion
Denial of service
2017-01-06 21:59:00
nvd
nvd
CVE-2016-4329
2017-01-06 21:59:01
seebug
seebug
Kaspersky Anti-Virus Unhandled Windows Messages Denial of Service Vulnerability(CVE-2016-4329)
2017-10-13 00:00:00
kaspersky
kaspersky
KLA10947 Denial of service vulnerability in Kaspersky products
2017-01-06 00:00:00
talos
talos
Kaspersky Anti-Virus Unhandled Windows Messages Denial of Service Vulnerability
2016-09-05 00:00:00
openvas
openvas
Kaspersky Internet Security < 17.0.0.611 Multiple Vulnerabilities
2017-01-23 00:00:00
Kaspersky Anti-Virus < 17.0.0.611 Multiple Vulnerabilities
2017-01-23 00:00:00
Kaspersky Total Security < 17.0.0.611 Multiple Vulnerabilities
2017-01-23 00:00:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

5.3

Confidence

High

EPSS

0

Percentile

5.1%

JSON
Related for CVE-2016-4329
cvelist1prion1nvd1seebug1kaspersky1talos1openvas3