Kaspersky Internet Security Suite Klif.SYS Driver Local Heap Overflow Vulnerability

Kaspersky Internet Security Suite is prone to a heap-overflow vulnerability because it fails to perform sufficient boundary checks on user-supplied data before copying it to a buffer.

An attacker could leverage this issue to execute arbitrary code with kernel-level privileges. A successful exploit could result in the complete compromise of the affected system.

Kaspersky Internet Security Suite 6.0.1.411 for Microsoft Windows is reported vulnerable; previous versions may be vulnerable as well.


 

Privacy Statement
Copyright 2010, SecurityFocus