admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2006/CVE-2006-30xx/CVE-2006-3074.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

275 lines
8.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2006-3074",
"sourceIdentifier": "cve@mitre.org",
"published": "2006-06-19T10:02:00.000",
"lastModified": "2024-11-21T00:12:45.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess."
},
{
"lang": "es",
"value": "klif.sys en Kaspersky Internet Security v6.0 y v7.0, Kaspersky Anti-Virus (KAV) v6.0 y v7.0, KAV v6.0 para Windows Workstations, y KAV v6.0 para Windows Servers no validan de forma adecuada ciertos par\u00e1metros de llamadas al sistema \"enganchadas\" sobre (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, y (12) NtQueryValueKey, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (reinicio) a trav\u00e9s de un par\u00e1metro inv\u00e1lido, como se demostr\u00f3 con el par\u00e1metro ClientId sobre NtOpenProcess."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"baseScore": 5.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8015458-2645-482D-A0D3-B08B73655E06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A85D0F7D-B2F5-49D2-9CA8-1B02A4A72872"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "016D3A82-25B8-433E-B159-DC8EBBF68733"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaspersky:kaspersky_internet_security:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CF832371-8A92-4FF6-BB6E-AECB2E5CE7E2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8015458-2645-482D-A0D3-B08B73655E06"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA0CCC0-F2BE-4AF8-844E-CEA1B276792D"
}
]
}
]
}
],
"references": [
{
"url": "http://secunia.com/advisories/20629",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/25603",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://uninformed.org/index.cgi?v=4&a=4&p=4",
"source": "cve@mitre.org"
},
{
"url": "http://uninformed.org/index.cgi?v=4&a=4&p=7",
"source": "cve@mitre.org"
},
{
"url": "http://www.kaspersky.com/technews?id=203038695",
"source": "cve@mitre.org"
},
{
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"source": "cve@mitre.org"
},
{
"url": "http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15",
"source": "cve@mitre.org"
},
{
"url": "http://www.rootkit.com/newsread.php?newsid=726",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/18341",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/24491",
"source": "cve@mitre.org"
},
{
"url": "http://www.securitytracker.com/id?1018257",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2006/2333",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/2145",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104",
"source": "cve@mitre.org"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/20629",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://secunia.com/advisories/25603",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://uninformed.org/index.cgi?v=4&a=4&p=4",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://uninformed.org/index.cgi?v=4&a=4&p=7",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.kaspersky.com/technews?id=203038695",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.rootkit.com/newsread.php?newsid=726",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/archive/1/471453/100/0/threaded",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/18341",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securityfocus.com/bid/24491",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.securitytracker.com/id?1018257",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.vupen.com/english/advisories/2006/2333",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.vupen.com/english/advisories/2007/2145",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27104",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34875",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink