12 matches found
The vulnerability of the modules related to antivirus protection software, such as Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security, is related to vulnerabilities in access control. These vulnerabilities allow attackers to trigger an emergency shutdown of the Microsoft Windows operating system.
The vulnerability of Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Small Office Security, Kaspersky Security Cloud, and Kaspersky Endpoint Security modules is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to...
Information disclosure
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component was vulnerable to remote disclosure of various information about the user's system like Window...
CVE-2019-15687
The CVE-2019-15687 issue affects Kaspersky consumer and security-suite products (Kaspersky Anti-Virus, Internet Security, Total Security, Free Antivirus, Small Office Security, Security Cloud up to 2020) where the Web Protection component could remotely disclose information about the user’s syste...
CVE-2019-15686
CVE-2019-15686 affects Kaspersky防 antivirus/product suites (Kaspersky Anti-Virus, Internet Security, Total Security, Free Anti-Virus, Small Office Security, Security Cloud up to 2020) with a vulnerability in the Web Protection component. The connected CNVD entry describes an input validation erro...
CVE-2019-15685
CVE-2019-15685 affects Kaspersky Internet Security family (including Kaspersky Anti-Virus, Internet Security, Total Security, Free Anti-Virus, Small Office Security, Security Cloud up to 2020) with the Web Protection component. A web-protection input validation error allows an attacker to remotel...
CVE-2019-15688
The CVE-2019-15688 entry concerns Kaspersky’s web protection components in multiple products (Kaspersky Anti‑Virus/Internet Security/Total Security/Free etc.) where the user is not adequately informed about redirects to untrusted sites, enabling bypass of warnings. Connected sources add concrete ...
Kaspersky Small Office Security Local Information Disclosure Vulnerability
Kaspersky Small Office Security is a suite of antivirus software for small and medium-sized businesses from Russia's Kaspersky Lab. A local information disclosure vulnerability exists in Kaspersky Small Office Security. A local attacker could exploit this vulnerability to obtain sensitive...
[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-003 Product: Kaspersky Small Office Security KSOS Vendor: Kaspersky Lab ZAO Affected Versions: 13.0.4.233 Tested Versions: 13.0.4.233 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk...
[SYSS-2015-004] Kaspersky Small Office Security - Use of One-Way Hash withouth a Salt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-004 Product: Kaspersky Small Office Security KSOS Vendor: Kaspersky Lab ZAO Affected Versions: 13.0.4.233 Tested Versions: 13.0.4.233 Vulnerability Type: Use of a One-Way Hash without a Salt CWE-759 Risk Level: Low Solution...
Kaspersky Small Office Security 13.0.4.233 Authentication Bypass Vulnerability
By analyzing the password-based authentication for unloading the Kaspersky Small Office Security protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe actually within the module avpmain.dll, which runs or can be run in the context of the current...
Kaspersky Small Office Security 13.0.4.233 Unsalted Hash Vulnerability
The SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Small Office Security software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry. Product: Kaspersky Small Office...
Kaspersky Small Office Security 13.0.4.233 Unsalted Hash
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-004 Product: Kaspersky Small Office Security KSOS Vendor: Kaspersky Lab ZAO Affected Versions: 13.0.4.233 Tested Versions: 13.0.4.233 Vulnerability Type: Use of a One-Way Hash without a Salt CWE-759 Risk Level: Low Solution...