Documents Associated to Kaspersky Anti/Virus

New User, Welcome! Login

Kaspersky Anti/Virus

Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability

Kaspersky Lab Multiple Products Local Privilege Escalation Vulnerability

BACKGROUND

Due to its high level of professionalism and dedication, Kaspersky Lab has become a market leader in the development of antivirus protection. The company’s main product, Kaspersky Anti-Virus, regularly receives top awards in tests conducted by respected international research centers and IT publications. Kaspersky Lab was the first to develop many technological standards in the antivirus industry, including full-scale solutions for Linux, Unix and NetWare, a new-generation heuristic analyzer designed to detect newly emerging viruses, effective protection against polymorphic and macro viruses, continuously updated antivirus databases and a technique for detecting viruses in archived files.

Source: http://www.kaspersky.com

VULNERABLE PRODUCTS

Kaspersky Anti-Virus 2010 <= 9.0.0.463 pointer dereference vulnerability

/*
Program          : Kaspersky Anti-Virus 2010 9.0.0.463
Homepage         : http://www.kaspersky.com
Discovery        : 2009/09/29
Author Contacted : 2009/10/01
Patch Updated    : 2009/11/16
Found by         : Heurs
This Advisory    : Heurs
Contact          : s.leberre@sysdream.com

A vulnerability in Kaspersky Antivirus

Hello Bugtraq.

I write to notify a vulnerability in Kaspersky Antivirus that allows
the code injection in the process that is executed in user's context,
allowing:

1.      The modification, creation and elimination of the values and keys
in the Registration with respect to the configuration of the
antivirus.

[TZO-30-2009] Kaspersky and the silent patch that wasn't (PDF evasion, forced full disclosure)

Notification to patch window : x+n 
Disclosure Policy : http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html

Affected products (all versions) :
- Kaspersky Internet Security
- Kaspersky Anti-Virus
- Kaspersky Mobile Security
- Kaspersky Small Office Security
- Kaspersky Open Space Security
  - Kaspersky Business Space Security
  - Kaspersky Work Space Security

Malware detection evasion in antivirus software

  BitDefender Antivirus Plus 2012 Build 15.0.31.1282

  F-Secure Anti-Virus 2011  10.51 build 106

  Kaspersky Anti-Virus 2012 12.0.0.374

  McAfee AbtiVirus Plus 11.0 build 11.0.623

  Panda Antivirus Pro 2012

iDefense Security Advisory 06.04.08: Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability

Jun 04, 2008

I. BACKGROUND

aspersky Internet Security Suite is a combination of Kaspersky
anti-virus, anti-spam, and personal firewall in one product. For more
information see the vendor's website at the following URL.

http://www.kaspersky.com/

II. DESCRIPTION

iDefense Security Advisory 06.04.08: Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability

Jun 04, 2008

I. BACKGROUND

aspersky Internet Security Suite is a combination of Kaspersky
anti-virus, anti-spam, and personal firewall in one product. For more
information see the vendor's website at the following URL.

http://www.kaspersky.com/

II. DESCRIPTION

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!