CVE-2016-4307 (GCVE-0-2016-4307)

Vulnerability from cvelistv5 – Published: 2017-01-06 21:00 – Updated: 2024-08-06 00:25
VLAI?
Summary
A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability.
Severity ?
No CVSS data available.
CWE
  • unspecified
Assigner
References
Impacted products
Vendor Product Version
Kaspersky Internet Security Affected: 16.0.0, KLIF driver version 10.0.0.1532
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:25:14.233Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1036702",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036702"
          },
          {
            "name": "1036703",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036703"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.talosintelligence.com/reports/TALOS-2016-0169/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Internet Security",
          "vendor": "Kaspersky",
          "versions": [
            {
              "status": "affected",
              "version": "16.0.0, KLIF driver version 10.0.0.1532"
            }
          ]
        }
      ],
      "datePublic": "2016-08-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unspecified",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-12T09:57:01",
        "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "shortName": "certcc"
      },
      "references": [
        {
          "name": "1036702",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036702"
        },
        {
          "name": "1036703",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036703"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.talosintelligence.com/reports/TALOS-2016-0169/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cert@cert.org",
          "ID": "CVE-2016-4307",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Internet Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "16.0.0, KLIF driver version 10.0.0.1532"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Kaspersky"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unspecified"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1036702",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036702"
            },
            {
              "name": "1036703",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036703"
            },
            {
              "name": "http://www.talosintelligence.com/reports/TALOS-2016-0169/",
              "refsource": "MISC",
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0169/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
    "assignerShortName": "certcc",
    "cveId": "CVE-2016-4307",
    "datePublished": "2017-01-06T21:00:00",
    "dateReserved": "2016-04-27T00:00:00",
    "dateUpdated": "2024-08-06T00:25:14.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kaspersky:internet_security:16.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75401AB3-65DC-4E8F-9BEA-ADB033C66587\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de denegaci\\u00f3n de servicio en la funcionalidad de manejo IOCTL del controlador Kaspersky Internet Security KL1. Una se\\u00f1al IOCTL especialmente manipulada puede provocar una violaci\\u00f3n de acceso en el controlador del kernel KL1 resultando en una denegaci\\u00f3n de servicio en el sistema local. Un atacante puede ejecutar el programa desde el modo de usuario para desencadenar esta vulnerabilidad.\"}]",
      "id": "CVE-2016-4307",
      "lastModified": "2024-11-21T02:51:50.453",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-01-06T21:59:01.493",
      "references": "[{\"url\": \"http://www.securitytracker.com/id/1036702\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.securitytracker.com/id/1036703\", \"source\": \"cret@cert.org\"}, {\"url\": \"http://www.talosintelligence.com/reports/TALOS-2016-0169/\", \"source\": \"cret@cert.org\", \"tags\": [\"Exploit\", \"Technical Description\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://securitytracker.com/id/1036702\", \"source\": \"nvd@nist.gov\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1036702\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1036703\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.talosintelligence.com/reports/TALOS-2016-0169/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Technical Description\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cret@cert.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-284\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-4307\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2017-01-06T21:59:01.493\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A denial of service vulnerability exists in the IOCTL handling functionality of Kaspersky Internet Security KL1 driver. A specially crafted IOCTL signal can cause an access violation in KL1 kernel driver resulting in local system denial of service. An attacker can run a program from user-mode to trigger this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de denegaci\u00f3n de servicio en la funcionalidad de manejo IOCTL del controlador Kaspersky Internet Security KL1. Una se\u00f1al IOCTL especialmente manipulada puede provocar una violaci\u00f3n de acceso en el controlador del kernel KL1 resultando en una denegaci\u00f3n de servicio en el sistema local. Un atacante puede ejecutar el programa desde el modo de usuario para desencadenar esta vulnerabilidad.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kaspersky:internet_security:16.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75401AB3-65DC-4E8F-9BEA-ADB033C66587\"}]}]}],\"references\":[{\"url\":\"http://www.securitytracker.com/id/1036702\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.securitytracker.com/id/1036703\",\"source\":\"cret@cert.org\"},{\"url\":\"http://www.talosintelligence.com/reports/TALOS-2016-0169/\",\"source\":\"cret@cert.org\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://securitytracker.com/id/1036702\",\"source\":\"nvd@nist.gov\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1036702\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1036703\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.talosintelligence.com/reports/TALOS-2016-0169/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.