----------------------------------------------------------------------

TITLE:
Kaspersky Products Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA24778

VERIFY ADVISORY:
http://secunia.com/advisories/24778/

CRITICAL:
Highly critical

IMPACT:
Privilege escalation, DoS, System access, Exposure of sensitive
information, Exposure of system information

WHERE:
From remote

SOFTWARE:
Kaspersky Internet Security 6.x
http://secunia.com/product/10471/
Kaspersky Anti-Virus 6.x
http://secunia.com/product/10470/
Kaspersky Anti-Virus 5.x
http://secunia.com/product/2781/
Kaspersky Anti-Virus 4.x
http://secunia.com/product/916/

DESCRIPTION:
Some vulnerabilities have been reported in various Kaspersky products,
which can be exploited by malicious, local users to gain escalated
privileges and by malicious people to gain knowledge of sensitive
information, cause a DoS (Denial of Service), and potentially
compromise a user's system.

1) Unsafe methods (e.g. the "StartUploading()" method) in the
AxKLSysInfo.dll and AxKLProd60.dll ActiveX controls can be exploited
by malicious websites to remove and retrieve arbitrary files from a
user's system.

2) An integer overflow error in klif.sys within the hook function for
the "_NtSetValueKey()" function can be exploited to cause a heap-based
buffer overflow and potentially execute arbitrary code with escalated
privileges.

3) An unspecified error in klif.sys can be exploited by malicious,
local users to execute arbitrary code with Ring-0 privileges.

4) A boundary error in the arj.ppl module of the OnDemand Scanner can
be exploited to cause a heap-based buffer overflow when scanning a
specially crafted ARJ archive.

SOLUTION:
Update to version 6.0.2.614 or later.
Kaspersky Anti-Virus for Windows Workstations:
http://www.kaspersky.com/productupdates?chapter=146274385

Kaspersky Anti-Virus for Windows Server:
http://www.kaspersky.com/productupdates?chapter=146274391

Kaspersky Internet Security 6.0:
http://www.kaspersky.com/productupdates?chapter=186437046

Kaspersky Anti-Virus 6.0:
http://www.kaspersky.com/productupdates?chapter=186435857

PROVIDED AND/OR DISCOVERED BY:
1) Discovered by Peter Vreugdenhil and reported via iDefense Labs. The
vendor also credits ZDI.
2) Discovered by an anonymous person and reported via iDefense Labs.
3) Reported by the vendor.
4) The vendor credits ZDI.

ORIGINAL ADVISORY:
Kaspersky:
http://www.kaspersky.com/technews?id=203038693
http://www.kaspersky.com/technews?id=203038694

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=505

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link. Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------