K7 Antivirus Premium Information Disclosure Vulnerability

K7 Antivirus Premium is a suite of anti-virus software from K7 Computing India. A security vulnerability exists in versions of K7 Antivirus Premium prior to 15.1.0.53, which stems from a failure to adequately authenticate user input sent to the K7Sentry device. A local attacker could exploit the...

CVE-2017-17429

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL...

Hardcoded credentials

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL...

K7 AntiVirus Denial of Service Vulnerability (CNVD-2018-01135)

K7 AntiVirus is home user friendly virus removal software that protects computers from viruses, Trojans, malware and spyware threats. A denial of service vulnerability exists in the driver file K7Sentry.sys in K7 AntiVirus 15.1.0306. The vulnerability arises due to an unverified input value from...

CVE-2018-5218

In K7 Antivirus 15.1.0306, the driver file K7Sentry.sys allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x950025b0...

CVE-2018-5220

In K7 Antivirus 15.1.0306, the driver file K7Sentry.sys allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002610...

CVE-2017-18019

In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. Similarly, the...

CVE-2017-17699

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request...

CVE-2017-17465

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request...

CVE-2017-17464

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request...

K7 AntiVirus Null Pointer Dereference Vulnerability

K7 Antivirus is a suite of anti-virus software from the Indian company K7 Computing.K7Sentry.sys is one of the kernel-mode drivers used in K7 Computing's security products. A security vulnerability exists in K7 Antivirus version 15.1.0309 in K7Sentry.sys version 15.1.0.59. An attacker can exploit...

K7 Total Security Device Driver Arbitrary Memory Read

Vulnerability Summary The following advisory describes an Crash found in K7 Total Security. Credit An independent security researcher, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor response K7 has released patches to address this vulnerability –...