CVE-2006-3074

medium

Description

klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a denial of service (reboot) via an invalid parameter, as demonstrated by the ClientId parameter to NtOpenProcess.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34875

https://exchange.xforce.ibmcloud.com/vulnerabilities/27104

http://www.vupen.com/english/advisories/2007/2145

http://www.vupen.com/english/advisories/2006/2333

http://www.securitytracker.com/id?1018257

http://www.securityfocus.com/bid/24491

http://www.securityfocus.com/bid/18341

http://www.securityfocus.com/archive/1/471453/100/0/threaded

http://www.rootkit.com/newsread.php?newsid=726

http://www.rootkit.com/board.php?did=edge726&closed=0&lastx=15

http://www.matousec.com/info/advisories/Kaspersky-Multiple-insufficient-argument-validation-of-hooked-SSDT-functions.php

http://www.kaspersky.com/technews?id=203038695

http://uninformed.org/index.cgi?v=4&a=4&p=7

http://uninformed.org/index.cgi?v=4&a=4&p=4

http://secunia.com/advisories/25603

http://secunia.com/advisories/20629

Details

Source: Mitre, NVD

Published: 2006-06-19

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.03155