Unrated severityNVD Advisory· Published Jun 19, 2006· Updated Jun 16, 2026
CVE-2006-3074
CVE-2006-3074
Description
klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:kaspersky:kaspersky_anti-virus:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0:*:*:*:*:*:*:*
- (no CPE)range: 6.0, 7.0
cpe:2.3:a:kaspersky:kaspersky_internet_security:6.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:kaspersky:kaspersky_internet_security:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:kaspersky:kaspersky_internet_security:7.0:*:*:*:*:*:*:*
- (no CPE)range: 6.0, 7.0
- Range: 6.0
Patches
Vulnerability mechanics
References
16- secunia.com/advisories/20629nvdVendor Advisory
- secunia.com/advisories/25603nvdVendor Advisory
- www.vupen.com/english/advisories/2006/2333nvdVendor Advisory
- www.vupen.com/english/advisories/2007/2145nvdVendor Advisory
- uninformed.org/index.cginvd
- uninformed.org/index.cginvd
- www.kaspersky.com/technewsnvd
- www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.phpnvd
- www.rootkit.com/board.phpnvd
- www.rootkit.com/newsread.phpnvd
- www.securityfocus.com/archive/1/471453/100/0/threadednvd
- www.securityfocus.com/bid/18341nvd
- www.securityfocus.com/bid/24491nvd
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27104nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34875nvd
News mentions
0No linked articles in our index yet.