Lucene search

MitreCVE-2003-1443

HistoryOct 23, 2007 - 1:00 a.m.

CVE-2003-1443

2007-10-2301:00:00

CWE-20

mitre

web.nvd.nist.gov

kaspersky antivirus

kav

virus detection

ms-dos

cve-2003-1443

nvd

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

Percentile

5.1%

JSON

Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com.

Affected configurations

Nvd

Node

kaspersky_labkaspersky_anti-virusMatch4.0.9.0

VendorProductVersionCPE
kaspersky_labkaspersky_anti-virus4.0.9.0cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0.9.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kaspersky_lab	kaspersky_anti-virus	4.0.9.0	cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0.9.0:::::::*

References

archives.neohapsis.com/archives/bugtraq/2003-02/0130.html

exchange.xforce.ibmcloud.com/vulnerabilities/11292

CVSS2

4.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2003-1443