Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2006-4926

Published: 20/10/2006 Updated: 17/10/2018
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Kaspersky Internet Security

Vulnerability Summary

The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.

Vulnerable Product Search on Vulmon Subscribe to Product

kaspersky lab kaspersky internet security 6.0

kaspersky lab kaspersky anti-virus 6.0

kaspersky lab kaspersky anti-virus personal 5.0

kaspersky lab kaspersky anti-virus personal pro 5.0

kaspersky lab kaspersky anti-virus 5.0

Exploits

Exploit DB: Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Overflow / Local Privilege Escalation
//////////////////////////////////// ///// AVP (Kaspersky) //////////////////////////////////// //// FOR EDUCATIONAL PURPOSES ONLY //// Kernel Privilege Escalation #2 //// Exploit //// Rubén Santamarta //// wwwreversemodecom //// 01/09/2006 //// //// ////Modify by Nanika ////naninb[at]gmailcom ////nanika[at]chrootorg ////Exploit Get SYSTEM S ...

References

NVD-CWE-Otherhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425http://www.kaspersky.com/technews?id=203038678http://www.securityfocus.com/bid/20635http://securitytracker.com/id?1017093http://secunia.com/advisories/22478http://www.osvdb.org/29891http://www.vupen.com/english/advisories/2006/4117https://exchange.xforce.ibmcloud.com/vulnerabilities/29677http://www.securityfocus.com/archive/1/449301/100/0/threadedhttp://www.securityfocus.com/archive/1/449289/100/0/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/2676/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook