In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120; and K7 Ultimate Security 16.0.xxx through 16.0.0120, the module K7TSHlpr.dll improperly validates the administrative privileges of the user, allowing arbitrary registry writes in the K7AVOptn.dll module to facilitate escalation of privileges via inter-process communication with a service process.
Max CVSS
9.8
EPSS Score
0.66%
Published
2019-10-28
Updated
2019-10-31
An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
Max CVSS
8.8
EPSS Score
0.06%
Published
2021-01-11
Updated
2021-01-12
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025c8 DeviceIoControl request.
Max CVSS
9.8
EPSS Score
0.66%
Published
2017-12-15
Updated
2017-12-20
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request.
Max CVSS
9.8
EPSS Score
0.66%
Published
2017-12-15
Updated
2017-12-20
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request.
Max CVSS
9.8
EPSS Score
0.66%
Published
2017-12-15
Updated
2017-12-20
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002574 DeviceIoControl request.
Max CVSS
9.8
EPSS Score
0.25%
Published
2017-12-08
Updated
2017-12-20
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x95002570 DeviceIoControl request.
Max CVSS
9.8
EPSS Score
0.25%
Published
2017-12-08
Updated
2017-12-20
K7AntiVirus 7.10.541 and possibly 7.10.454, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
Max CVSS
9.3
EPSS Score
0.64%
Published
2008-12-12
Updated
2018-10-11
8 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!