Vulnerabilities > CVE-2017-16549 - Out-of-bounds Write vulnerability in K7Computing products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

k7computing

CWE-787

NVD

Published: 2018-01-16

Updated: 2019-10-03

Summary

K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls.

Vulnerable Configurations

Part	Description	Count
Application	K7Computing K7Computing Antivirus * K7Computing Internet Security * K7Computing Ultimate Security 14.2.0.252 K7Computing Endpoint * K7Computing Total Security 14.2.0.252 K7Computing Total Security 15.1.0.305 K7Computing Total Security *	8

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://support.k7computing.com/index.php?/Knowledgebase/Article/View/173/41/advisory-issued-on-6th-november-2017