Vendor
Kingsoft
Products
12
CVEs
12
Across products
14
Status
Private
Products
12- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
12| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2010-5164 | Med | 0.34 | 5.3 | 0.00 | Aug 25, 2012 | Race condition in KingSoft Personal Firewall 9 Plus 2009.05.07.70 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute | |
| CVE-2012-4886 | 0.07 | — | 0.53 | Mar 24, 2014 | Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code via a long BSTR string. | ||
| CVE-2013-3934 | 0.06 | — | 0.44 | Sep 10, 2013 | Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, as used in Kingsoft Office 2013 before 9.1.0.4256, allows remote attackers to execute arbitrary code via a long font name in a WPS file. | ||
| CVE-2008-1307 | 0.04 | — | 0.08 | Mar 12, 2008 | Heap-based buffer overflow in the KUpdateObj2 Class ActiveX control in UpdateOcx2.dll in Beijing KingSoft Antivirus Online Update Module 2007.12.29.29 allows remote attackers to execute arbitrary code via a long argument to the SetUninstallName method. | ||
| CVE-2011-0515 | 0.03 | — | 0.00 | Jan 20, 2011 | KisKrnl.sys 2011.1.13.89 and earlier in Kingsoft AntiVirus 2011 SP5.2 allows local users to cause a denial of service (crash) via a crafted request that is not properly handled by the KiFastCallEntry hook. | ||
| CVE-2010-3396 | 0.03 | — | 0.00 | Sep 15, 2010 | Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to execute arbitrary code via a long argument to IOCTL 0x80030004. NOTE: some of these details are obtained from third party information. | ||
| CVE-2010-2031 | 0.03 | — | 0.00 | May 24, 2010 | KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device. | ||
| CVE-2013-0710 | 0.01 | — | 0.11 | Mar 5, 2013 | Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document. | ||
| CVE-2013-5999 | 0.00 | — | 0.00 | Nov 22, 2013 | Kingsoft KDrive Personal before 1.21.0.1880 on Windows does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||
| CVE-2013-0723 | 0.00 | — | 0.06 | Jul 29, 2013 | Multiple heap-based buffer overflows in etxrw.dll in Kingsoft Spreadsheets 2012 8.1.0.3030 allow remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via a crafted spreadsheet file. | ||
| CVE-2012-0321 | 0.00 | — | 0.00 | Mar 2, 2012 | Unspecified vulnerability in the device driver in Kingsoft Internet Security 2011 allows local users to cause a denial of service via a crafted application. | ||
| CVE-2004-1494 | 0.00 | — | 0.02 | Dec 31, 2004 | Buffer overflow in the Screen Fetch option in XDICT 2002 through 2005 allows remote attackers to cause a denial of service ( CPU consumption or application exit) and possibly execute arbitrary code via a long string. |