Internet Security

CVEs (6)

CVE	Sev	Risk	CVSS	Published	Description
CVE-2017-12816	Cri	0.64	9.8	Aug 25, 2017	In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions, which might be used by a malware application to get unauthorized access to the product functionality by using Android IPC.
CVE-2017-12817	Hig	0.49	7.5	Aug 25, 2017	In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted.
CVE-2016-4329	Med	0.36	5.5	Jan 6, 2017	A local denial of service vulnerability exists in window broadcast message handling functionality of Kaspersky Anti-Virus software. Sending certain unhandled window messages, an attacker can cause application termination and in the same way bypass KAV self-protection mechanism.
CVE-2016-4307	Med	0.36	5.5	Jan 6, 2017	A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability.
CVE-2016-4305	Med	0.36	5.5	Jan 6, 2017	A denial of service vulnerability exists in the syscall filtering functionality of Kaspersky Internet Security KLIF driver. A specially crafted native api call can cause a access violation in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to trigger this vulnerability.
CVE-2016-4304	Med	0.36	5.5	Jan 6, 2017	A denial of service vulnerability exists in the syscall filtering functionality of the Kaspersky Internet Security KLIF driver. A specially crafted native api call request can cause a access violation exception in KLIF kernel driver resulting in local denial of service. An attacker can run program from user-mode to trigger this vulnerability.