3 matches found
Kaspersky Internet Security KL1 Driver Signal Handler Denial of Service(CVE-2016-4307)
Summary A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user...
CVE-2016-4307
CVE-2016-4307 affects the Kaspersky Internet Security KL1 driver (KLBG) IOCTL handling. The vulnerability arises in a loop that computes the input string length by scanning for a NULL terminator; if the input lacks a NULL within the supplied buffer, the loop reads memory beyond the buffer bounds,...
The vulnerability of Kaspersky Internet Security’s antivirus protection allows a hacker to trigger a service failure.
The vulnerability of the KL1 driver of Kaspersky’s antivirus protection software exists due to errors in the filtering of system calls. Exploiting this vulnerability can allow a local attacker to trigger a service failure using a specially crafted IOCTL signal...