Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1443

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2003-1443
Last Modified 05 Sep 2008 04:36:56
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2003-1443

Summary

Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com.

Vulnerable Systems

Application

  • Kaspersky Lab Kaspersky Anti-virus 4.0.9.0


References

XF - kav-device-name-bypass(11292)

BUGTRAQ - 20030211 SECURITY.NNOV: Kaspersky Antivirus DoS


Last Updated: 27 May 2016 10:38:22