Posts tagged: Memory Corruption Vulnerability

Dec 22 2011

Kaspersky Internet Security – Memory Corruption Vulnerability

Kaspersky VulnerabilityVulnerability-Lab Team discovered a Memory & Pointer Corruption Vulnerability on Kaspersky Internet Security 2011/2012 & Kaspersky Anti-Virus 2011/2012.

The vulnerability is caused by an invalid pointer corruption when processing a corrupt .cfg file through the kaspersky exception filters, which could be exploited by attackers to crash the complete software process.
The bug is located over the basegui.ppl & basegui.dll when processing a .cfg file import.

Vulnerable Modules:

Affected Version(s):
– Kaspersky Anti-Virus 2012 & Kaspersky Internet Security 2012
– KIS 2012 v12.0.0.374
– KAV 2012 v12.x

– Kaspersky Anti-Virus 2011 & Kaspersky Internet Security 2011
– KIS 2011 v11.0.0.232 (a.b)
– KIS 2011 v12.0.0.374

– Kaspersky Anti-Virus 2010 & Kaspersky Internet Security 2010


Vulnerability Research Laboratory – Benjamin K.M. (Rem0ve)

Original Advisory:

Dec 21 2011

Windows-7 Memory Corruption Vulnerability

Windows Memory CorruptionA vulnerability has been discovered in Microsoft Windows, which can be exploited by malicious people to potentially compromise a user’s system.

The vulnerability is caused due to an error in win32k.sys and can be exploited to corrupt memory via e.g. a specially crafted web page containing an IFRAME with an overly large “height” attribute viewed using the Apple Safari browser.

Successful exploitation may allow execution of arbitrary code with kernel-mode privileges.

The vulnerability is confirmed on a fully patched Windows 7 Professional 64-bit.
Other versions may also be affected.

No effective solution is currently available.

Discovered By:

Original Advisory:!/w3bd3vil/status/148454992989261824

<iframe height=’18082563′></iframe> causes a BSoD on win 7 x64 via Safari. Lol!