|Title:||Kingsoft Antivirus 'kavfm.sys' Buffer overflow Vulnerability|
|Summary:||Check for the version of Kingsoft Antivirus|
Overview: This host is installed with Kingsoft Antivirus and is prone
to buffer overflow vulnerability.
The flaw exists due to an error in the 'kavfm.sys' driver when processing
'IOCTLs'. This can be exploited to corrupt kernel memory and potentially
execute arbitrary code with escalated privileges via a specially crafted
Successful exploitation will allow remote attackers to execute arbitrary code
with SYSTEM-level privileges and completely compromise the affected computer.
Failed exploit attempts will result in a denial-of-service condition.
Impact Level: Application.
Kingsoft Antivirus 2010.04.26.648 and prior
Fix: No solution or patch is available as of 16th September, 2010. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://www.kingsoftsecurity.com/kingsoft-antivirus.html
BugTraq ID: 43173|
Common Vulnerability Exposure (CVE) ID: CVE-2010-3396
|Copyright||Copyright (C) 2010 SecPod|
|This is only one of 50192 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.