Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kaspersky kl1.sys驱动本地栈溢出漏洞
Vulnerability Description
Kaspersky Internet Security套件是一套完整的解决方案,用于保护计算机抵御几乎所有来自互联网的主要的威胁。 Internet Security及其他Kaspersky产品中所发布的kl1.sys内核驱动在处理IOCTL 0x800520e8时没有对向swprintf函数所传送的数据执行边界检查,在这种情况下目标缓冲区为2,000单元宽字符数据,因此如果源缓冲区超过了2000字符的话,就可以触发栈溢出,导致执行任意内核态指令。
CVSS Information
N/A
Vulnerability Type
N/A