Back to search
CVE-2006-4926
Published: Oct 20, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20061020 [Reversemode Advisory] Kaspersky Anti-Virus Privilege Escalation
mailing-list
x_refsource_BUGTRAQ
kaspersky-klinklick-privilege-escalation(29677)
vdb-entry
x_refsource_XF
29891
vdb-entry
x_refsource_OSVDB
20061020 Re: iDefense Security Advisory 10.19.06: Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability
mailing-list
x_refsource_BUGTRAQ
http://www.kaspersky.com/technews?id=203038678
x_refsource_CONFIRM
20061020 Kaspersky Labs Anti-Virus IOCTL Local Privilege Escalation Vulnerability
third-party-advisory
x_refsource_IDEFENSE
22478
third-party-advisory
x_refsource_SECUNIA
20635
vdb-entry
x_refsource_BID
1017093
vdb-entry
x_refsource_SECTRACK
ADV-2006-4117
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now