Kaspersky Products Local Privilege Escalation Vulnerability

vendor:

Kaspersky Products

by:

SecurityFocus

7.2

CVSS

HIGH

Local Privilege Escalation

264

CWE

Product Name: Kaspersky Products

Affected Version From: Kaspersky AV 2008, Kaspersky AV for WorkStations 6.0

Affected Version To: Kaspersky AV 2008, Kaspersky AV for WorkStations 6.0

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Kaspersky Products Local Privilege Escalation Vulnerability

Multiple Kaspersky products are prone to a local privilege-escalation vulnerability because the applications fail to perform adequate boundary checks on user-supplied data. A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Mitigation:

Users should ensure that all Kaspersky products are kept up-to-date with the latest security patches.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/33561/info

Multiple Kaspersky products are prone to a local privilege-escalation vulnerability because the applications fail to perform adequate boundary checks on user-supplied data.

A local attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successfully exploiting this issue will result in the complete compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

This issue affects versions in the following product groups:

Kaspersky AV 2008
Kaspersky AV for WorkStations 6.0 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/32771.zip