CVE-2006-4926

Description

The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.

Affected products

• Kaspersky Lab / kaspersky_anti-virus5.0 – 5.0
• Kaspersky Lab / kaspersky_anti-virus6.0 – 6.0
• Kaspersky Lab / kaspersky_anti-virus_personal5.0 – 5.0
• Kaspersky Lab / kaspersky_anti-virus_personal_pro5.0 – 5.0
• Kaspersky Lab / kaspersky_internet_security6.0 – 6.0

References

• MISChttp://www.securityfocus.com/archive/1/449289/100/0/threaded
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/29677
• MISChttp://www.osvdb.org/29891
• MISChttp://www.securityfocus.com/archive/1/449301/100/0/threaded
• MISChttp://www.kaspersky.com/technews?id=203038678
• MISChttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=425
• VENDOR_ADVISORYhttp://secunia.com/advisories/22478
• MISChttp://www.securityfocus.com/bid/20635
• MISChttp://securitytracker.com/id?1017093
• VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4117