MidnightBSD

Advisories for k7computing

CVE-2012-1420 MEDIUM

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \7fELF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
pandasecurity panda_antivirus 10.0.2.7
microsoft security_essentials 2.0
norman norman_antivirus_&_antispyware 6.06.12
kaspersky kaspersky_anti-virus 7.0.0.125
rising-global rising_antivirus 22.83.00.03
cat quick_heal 11.00
f-prot f-prot_antivirus 4.6.2.117
fortinet fortinet_antivirus 4.2.254.0
authentium command_antivirus 5.2.11.5
eset nod32_antivirus 5795
k7computing antivirus 9.77.3565

CVE-2012-1423 MEDIUM

The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
norman norman_antivirus_&_antispyware 6.06.12
rising-global rising_antivirus 22.83.00.03
f-prot f-prot_antivirus 4.6.2.117
fortinet fortinet_antivirus 4.2.254.0
emsisoft anti-malware 5.1.0.1
virusbuster virusbuster 13.6.151.0
authentium command_antivirus 5.2.11.5
eset nod32_antivirus 5795
k7computing antivirus 9.77.3565
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
pc_tools pc_tools_antivirus 7.0.3.5

CVE-2012-1426 MEDIUM

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \42\5A\68 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
norman norman_antivirus_&_antispyware 6.06.12
rising-global rising_antivirus 22.83.00.03
cat quick_heal 11.00
f-prot f-prot_antivirus 4.6.2.117
authentium command_antivirus 5.2.11.5
k7computing antivirus 9.77.3565

CVE-2012-1443 MEDIUM

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
alwil avast_antivirus 4.8.1351.0
pandasecurity panda_antivirus 10.0.2.7
norman norman_antivirus_&_antispyware 6.06.12
antiy avl_sdk 2.0.3.7
aladdin esafe 7.0.17.0
alwil avast_antivirus 5.0.677.0
f-prot f-prot_antivirus 4.6.2.117
emsisoft anti-malware 5.1.0.1
authentium command_antivirus 5.2.11.5
trendmicro trend_micro_antivirus 9.120.0.1004
clamav clamav 0.96.4
microsoft security_essentials 2.0
f-secure f-secure_anti-virus 9.0.16160.0
kaspersky kaspersky_anti-virus 7.0.0.125
rising-global rising_antivirus 22.83.00.03
cat quick_heal 11.00
sophos sophos_anti-virus 4.61.0
fortinet fortinet_antivirus 4.2.254.0
virusbuster virusbuster 13.6.151.0
comodo comodo_antivirus 7424
gdata-software g_data_antivirus 21
ahnlab v3_internet_security 2011.01.18.00
nprotect nprotect_antivirus 2011-01-17.01
symantec endpoint_protection 11.0
pc_tools pc_tools_antivirus 7.0.3.5
avg avg_anti-virus 10.0.0.1190
mcafee gateway 2010.1c
avira antivir 7.11.1.163
mcafee scan_engine 5.400.0.1158
bitdefender bitdefender 7.2
eset nod32_antivirus 5795
jiangmin jiangmin_antivirus 13.0.900
k7computing antivirus 9.77.3565
anti-virus vba32 3.12.14.2
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
trendmicro housecall 9.120.0.1004

CVE-2012-1457 MEDIUM

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
alwil avast_antivirus 4.8.1351.0
norman norman_antivirus_&_antispyware 6.06.12
antiy avl_sdk 2.0.3.7
aladdin esafe 7.0.17.0
alwil avast_antivirus 5.0.677.0
f-prot f-prot_antivirus 4.6.2.117
emsisoft anti-malware 5.1.0.1
authentium command_antivirus 5.2.11.5
trendmicro trend_micro_antivirus 9.120.0.1004
clamav clamav 0.96.4
microsoft security_essentials 2.0
kaspersky kaspersky_anti-virus 7.0.0.125
rising-global rising_antivirus 22.83.00.03
cat quick_heal 11.00
virusbuster virusbuster 13.6.151.0
gdata-software g_data_antivirus 21
symantec endpoint_protection 11.0
pc_tools pc_tools_antivirus 7.0.3.5
avg avg_anti-virus 10.0.0.1190
mcafee gateway 2010.1c
avira antivir 7.11.1.163
mcafee scan_engine 5.400.0.1158
bitdefender bitdefender 7.2
eset nod32_antivirus 5795
jiangmin jiangmin_antivirus 13.0.900
k7computing antivirus 9.77.3565
anti-virus vba32 3.12.14.2
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
trendmicro housecall 9.120.0.1004

CVE-2012-1459 MEDIUM

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
alwil avast_antivirus 4.8.1351.0
pandasecurity panda_antivirus 10.0.2.7
norman norman_antivirus_&_antispyware 6.06.12
antiy avl_sdk 2.0.3.7
alwil avast_antivirus 5.0.677.0
f-prot f-prot_antivirus 4.6.2.117
emsisoft anti-malware 5.1.0.1
authentium command_antivirus 5.2.11.5
trendmicro trend_micro_antivirus 9.120.0.1004
clamav clamav 0.96.4
microsoft security_essentials 2.0
f-secure f-secure_anti-virus 9.0.16160.0
kaspersky kaspersky_anti-virus 7.0.0.125
rising-global rising_antivirus 22.83.00.03
cat quick_heal 11.00
sophos sophos_anti-virus 4.61.0
fortinet fortinet_antivirus 4.2.254.0
virusbuster virusbuster 13.6.151.0
comodo comodo_antivirus 7424
gdata-software g_data_antivirus 21
ahnlab v3_internet_security 2011.01.18.00
nprotect nprotect_antivirus 2011-01-17.01
symantec endpoint_protection 11.0
pc_tools pc_tools_antivirus 7.0.3.5
avg avg_anti-virus 10.0.0.1190
mcafee gateway 2010.1c
avira antivir 7.11.1.163
mcafee scan_engine 5.400.0.1158
bitdefender bitdefender 7.2
eset nod32_antivirus 5795
jiangmin jiangmin_antivirus 13.0.900
k7computing antivirus 9.77.3565
anti-virus vba32 3.12.14.2
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
trendmicro housecall 9.120.0.1004

CVE-2012-1460 MEDIUM

The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with stray bytes at the end. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
antiy avl_sdk 2.0.3.7
aladdin esafe 7.0.17.0
cat quick_heal 11.00
f-prot f-prot_antivirus 4.6.2.117
authentium command_antivirus 5.2.11.5
jiangmin jiangmin_antivirus 13.0.900
k7computing antivirus 9.77.3565
anti-virus vba32 3.12.14.2

CVE-2012-1461 MEDIUM

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264

Products Affected

Vendor Product Version
norman norman_antivirus_&_antispyware 6.06.12
emsisoft anti-malware 5.1.0.1
authentium command_antivirus 5.2.11.5
symantec endpoint_protection 11.0
trendmicro trend_micro_antivirus 9.120.0.1004
avg avg_anti-virus 10.0.0.1190
mcafee gateway 2010.1c
f-secure f-secure_anti-virus 9.0.16160.0
kaspersky kaspersky_anti-virus 7.0.0.125
rising-global rising_antivirus 22.83.00.03
sophos sophos_anti-virus 4.61.0
fortinet fortinet_antivirus 4.2.254.0
mcafee scan_engine 5.400.0.1158
bitdefender bitdefender 7.2
eset nod32_antivirus 5795
jiangmin jiangmin_antivirus 13.0.900
k7computing antivirus 9.77.3565
anti-virus vba32 3.12.14.2
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
trendmicro housecall 9.120.0.1004

CVE-2014-7136 HIGH

Heap-based buffer overflow in the K7FWFilt.sys kernel mode driver (aka K7Firewall Packet Driver) before 14.0.1.16, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via a crafted parameter in a DeviceIoControl API call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
k7computing k7firewall_packet_driver *

CVE-2014-8608 MEDIUM

The K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to cause a denial of service (NULL pointer dereference) as demonstrated by a filename containing "crashme$$".

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
k7computing k7av_sentry_device_driver *

CVE-2014-8956 HIGH

Stack-based buffer overflow in the K7Sentry.sys kernel mode driver (aka K7AV Sentry Device Driver) before 12.8.0.119, as used in multiple K7 Computing products, allows local users to execute arbitrary code with kernel privileges via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119

Products Affected

Vendor Product Version
k7computing k7av_sentry_device_driver *

CVE-2014-9643 HIGH

K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted 0x95002570, 0x95002574, 0x95002580, 0x950025a8, 0x950025ac, or 0x950025c8 IOCTL call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing anti-virus_plus *
k7computing total_security *
k7computing k7sentry.sys *

CVE-2017-16549 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16550 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16551 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16552 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16553 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16554 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16555 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16556 LOW

In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be used to allow local users to write to arbitrary memory locations.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-16557 MEDIUM

K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-17429 LOW

In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW integrity process can access a raw hard disk by sending a specific IOCTL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing endpoint *
k7computing antivirus *
k7computing ultimate_security *
k7computing internet_security *
k7computing total_security *

CVE-2017-17464 HIGH

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0309

CVE-2017-17465 HIGH

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0309

CVE-2017-17699 HIGH

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0309

CVE-2017-17700 HIGH

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0309

CVE-2017-17701 HIGH

K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0309

CVE-2017-18019 LOW

In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be used to compare an arbitrary memory address with a fixed value, which in turn can be used to read the contents of arbitrary memory. Similarly, the product crashes upon a \\.\K7Sentry DeviceIoControl call with an invalid kernel pointer.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing total_security *

CVE-2018-11005 MEDIUM

A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-11006 HIGH

An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-11007 MEDIUM

A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-11008 MEDIUM

An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-11009 MEDIUM

A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-11010 MEDIUM

A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-11246 MEDIUM

K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-401

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-5079 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002130.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5080 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020FC.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5081 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020F0.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5082 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002128.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5083 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215B.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5084 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300212C.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5085 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002124.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5086 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300215F.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5087 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002100.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5088 MEDIUM

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8300211C.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5217 MEDIUM

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002578.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5218 MEDIUM

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x950025b0.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5219 MEDIUM

In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002168.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-5220 MEDIUM

In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002610.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20

Products Affected

Vendor Product Version
k7computing antivirus 15.1.0306

CVE-2018-8044 MEDIUM

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269, CWE-863

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-8724 MEDIUM

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269, CWE-863

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-8725 MEDIUM

K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-8726 MEDIUM

K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-9332 MEDIUM

K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2018-9333 MEDIUM

K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120, CWE-269

Products Affected

Vendor Product Version
k7computing ultimate_security *
k7computing enterprise_security *
k7computing total_security *
k7computing antivrius *

CVE-2019-16896 LOW

In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly validates the administrative privileges of the user, allowing an arbitrary file write via a symbolic link attack with file restoration functionality.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: LOW

Problem Type: CWE-59

Products Affected

Vendor Product Version
k7computing k7_ultimate_security 16.0.0117

CVE-2019-16897 HIGH

In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269

Products Affected

Vendor Product Version
k7computing k7_antivirus_premium *
k7computing k7_total_security *
k7computing k7_ultimate_security *

CVE-2025-67826

An issue was discovered in K7 Ultimate Security 17.0.2045. A Local Privilege Escalation (LPE) vulnerability in the K7 Ultimate Security antivirus can be exploited by a local unprivileged user on default installations of the product. Insecure access to a named pipe allows unprivileged users to edit any registry key, leading to a full compromise as SYSTEM.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.7 HIGH CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 2.5 5.2

Products Affected

Vendor Product Version
k7computing k7_ultimate_security 17.0.2045