Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses that may be useful in bypassing kernel mitigations. An unprivileged user can run a program from user-mode to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kaspersky Internet Security 信息泄露漏洞
Vulnerability Description
Kaspersky Internet Security(KIS,卡巴斯基安全软件)是俄罗斯卡巴斯基实验室(Kaspersky Lab)研发的一套兼有杀毒软件和防火墙功能的安全软件。KLDISK driver事其中的一个设备连接驱动。 KIS KLDISK程序驱动中的IOCTL处理器存在信息泄露漏洞。攻击者可通过发送特制的IOCTL请求利用该漏洞造成敏感信息泄露(权限命令或内核内存地址)。
CVSS Information
N/A
Vulnerability Type
N/A