CVE: CVE-2006-4926

Export to Word

The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

S9 – Sabotage of System/App

EPSS

Score: 0.00308
Percentile: 0.53492

CVSS Scoring

CVSS v2 Score: 7.2

Severity:

Affected Products

cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_workstations:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:workstations:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0:*:*:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal_pro:5.0:*:*:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:6.0:maintenance_pack_2:*:*:*:*:*:*

← Back to Home