KLA10946
Denial of service vulnerability in Kaspersky products
Updated: 06/01/2019
Detect date
?
01/06/2017
Severity
?
Warning
Description

Vulnerability was found in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver in Kaspersky products. By exploiting this vulnerability malicious users can cause an access violation and a denial of service as a result. This vulnerability can be exploited locally via a specialy designed IOCTL signal.


Technical details

Vulnerability can be exploited only in case machine already contains a malicious program.

Affected products

Kaspersky Internet Security 2016 (16.0.0.614) 
Kaspersky Anti-Virus 2016 (16.0.0.614) 
Kaspersky Total Security 2016 (16.0.0.614)

Solution

Install all updates for the products

Original advisories

Kaspersky Lab Advisory

Impacts
?
DoS 
[?]
CVE-IDS
?
CVE-2016-43072.1Warning