Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation

2006-10-19T04:04:01
ID OSVDB:29891
Type osvdb
Reporter Rubén Santamarta
Modified 2006-10-19T04:04:01

Description

Vulnerability Description

Kaspersky Labs Anti-Virus contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered by improper address space validation when processing IOCTL 0x80052110 requests, leading to a loss of integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Kaspersky Labs has released a patch to address this vulnerability.

References:

Vendor Specific Advisory URL
Secunia Advisory ID: 22478
Other Advisory URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425
Other Advisory URL: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=35
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0404.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0352.html
ISS X-Force ID: 29677
FrSIRT Advisory: ADV-2006-4117
CVE-2006-4926