ByteOS Network

Vulnerability Details :

CVE-2005-3663

Assigner-mitre

Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At-18 Nov, 2005 | 11:00

Updated At-07 Aug, 2024 | 23:17

Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:mitre

Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca

Published At:18 Nov, 2005 | 11:00

Updated At:07 Aug, 2024 | 23:17

▼CVE Numbering Authority (CNA)

Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.

Affected Products

Vendor

n/a

Product

n/a

Versions

Affected

Problem Types

Type	CWE ID	Description
text	N/A	n/a

Type: text

CWE ID: N/A

Description: n/a

References

Hyperlink	Resource
http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities	third-party-advisory x_refsource_IDEFENSE
http://securitytracker.com/id?1015224	vdb-entry x_refsource_SECTRACK
http://securityreason.com/securityalert/187	third-party-advisory x_refsource_SREASON

Hyperlink: http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities

Resource:

third-party-advisory

x_refsource_IDEFENSE

Hyperlink: http://securitytracker.com/id?1015224

Resource:

vdb-entry

x_refsource_SECTRACK

Hyperlink: http://securityreason.com/securityalert/187

Resource:

third-party-advisory

x_refsource_SREASON

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities	third-party-advisory x_refsource_IDEFENSE x_transferred
http://securitytracker.com/id?1015224	vdb-entry x_refsource_SECTRACK x_transferred
http://securityreason.com/securityalert/187	third-party-advisory x_refsource_SREASON x_transferred

Hyperlink: http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities

Resource:

third-party-advisory

x_refsource_IDEFENSE

x_transferred

Hyperlink: http://securitytracker.com/id?1015224

Resource:

vdb-entry

x_refsource_SECTRACK

x_transferred

Hyperlink: http://securityreason.com/securityalert/187

Resource:

third-party-advisory

x_refsource_SREASON

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:cve@mitre.org

Published At:18 Nov, 2005 | 06:04

Updated At:03 Apr, 2025 | 01:03

Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C

Type: Primary

Version: 2.0

Base score: 7.2

Base severity: HIGH

Vector:

AV:L/AC:L/Au:N/C:C/I:C/A:C

CPE Matches

Kaspersky Lab

>>kaspersky_anti-virus>>5.0

cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:windows_file_servers:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
NVD-CWE-Other	Primary	nvd@nist.gov

CWE ID: NVD-CWE-Other

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://securityreason.com/securityalert/187	cve@mitre.org	N/A
http://securitytracker.com/id?1015224	cve@mitre.org	N/A
http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities	cve@mitre.org	Vendor Advisory
http://securityreason.com/securityalert/187	af854a3a-2127-422b-91ae-364da2661108	N/A
http://securitytracker.com/id?1015224	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory

Hyperlink: http://securityreason.com/securityalert/187

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://securitytracker.com/id?1015224

Source: cve@mitre.org

Resource: N/A

Hyperlink: http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities

Source: cve@mitre.org

Resource:

Vendor Advisory

Hyperlink: http://securityreason.com/securityalert/187

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://securitytracker.com/id?1015224

Source: af854a3a-2127-422b-91ae-364da2661108

Resource: N/A

Hyperlink: http://www.idefense.com/application/poi/display?id=340&type=vulnerabilities

Source: af854a3a-2127-422b-91ae-364da2661108

Resource:

Vendor Advisory

Similar CVEs

4Records found

CVE-2005-1905

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-7.2||HIGH

EPSS-0.15% / 35.83%

7 Day CHG~0.00%

Published-08 Jun, 2005 | 04:00

Updated-03 Apr, 2025 | 01:03

The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.

Vendor-n/a Kaspersky Lab

Product-kaspersky_anti-virus kaspersky_anti-virus_personal n/a

CVE-2006-4926

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-7.2||HIGH

EPSS-0.31% / 53.44%

7 Day CHG~0.00%

Published-20 Oct, 2006 | 22:00

Updated-07 Aug, 2024 | 19:32

The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL.

Vendor-n/a Kaspersky Lab

Product-kaspersky_anti-virus_personal kaspersky_anti-virus kaspersky_anti-virus_personal_pro kaspersky_internet_security n/a

CVE-2009-0449

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-7.2||HIGH

EPSS-0.32% / 54.45%

7 Day CHG~0.00%

Published-05 Feb, 2009 | 20:00

Updated-07 Aug, 2024 | 04:31

Buffer overflow in klim5.sys in Kaspersky Anti-Virus for Workstations 6.0 and Anti-Virus 2008 allows local users to gain privileges via an IOCTL 0x80052110 call.

Vendor-n/a Kaspersky Lab

Product-kaspersky_anti-virus n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2008-1518

Matching Score-8

Assigner-MITRE Corporation

View Details

Matching Score-8

Assigner-MITRE Corporation

CVSS Score-7.2||HIGH

EPSS-0.09% / 26.15%

7 Day CHG~0.00%

Published-05 Jun, 2008 | 20:21

Updated-07 Aug, 2024 | 08:24

Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call.

Vendor-n/a Kaspersky Lab

Product-kaspersky_anti-virus kaspersky_internet_security n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2005-3663

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs