This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.
An antivirus product installed on the remote Windows host has a local
privilege escalation vulnerability.
The version of either Kaspersky Anti-Virus or Kaspersky Internet
Security installed on the remote host has a local privilege escalation
The Everyone group has Full Control rights to the 'Bases' directory.
This directory contains antivirus bases, configuration files, and
executable modules used by multiple Kaspersky products.
A local attacker could exploit this to execute arbitrary code with
See also :
Upgrade to one of the following versions :
- Kaspersky Anti-Virus 2010 (188.8.131.526)
- Kaspersky Internet Security 2010 (184.108.40.2066)
- Kaspersky Anti-Virus 6.0 for Windows Workstations
- Kaspersky Anti-Virus 6.0 for Windows File Servers
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.0
Public Exploit Available : true