Vulnerability Description
Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kaspersky Lab | Kaspersky Anti-Virus | 4.0.9.0 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11292
- http://archives.neohapsis.com/archives/bugtraq/2003-02/0130.htmlExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/11292
FAQ
What is CVE-2003-1443?
CVE-2003-1443 is a vulnerability with a CVSS score of 4.4 (MEDIUM). Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and a...
How severe is CVE-2003-1443?
CVE-2003-1443 has been rated MEDIUM with a CVSS base score of 4.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1443?
Check the references section above for vendor advisories and patch information. Affected products include: Kaspersky Lab Kaspersky Anti-Virus.