Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for password_manager by kaspersky

    CVE-2021-35052 (GCVE-0-2021-35052)

    Vulnerability from nvd – Published: 2021-11-23 15:30 – Updated: 2024-08-04 00:33
    VLAI
    Summary
    A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High.
    Severity
    No CVSS data available.
    CWE
    • LPE
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Kaspersky Password Manager for Windows Affected: KPM for Windows prior to 9.0.2 Patch R
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:33:50.733Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kaspersky Password Manager for Windows",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "KPM for Windows prior to 9.0.2 Patch R"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "LPE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-29T10:06:04.000Z",
            "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
            "shortName": "Kaspersky"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnerability@kaspersky.com",
              "ID": "CVE-2021-35052",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kaspersky Password Manager for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "KPM for Windows prior to 9.0.2 Patch R"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "LPE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121",
                  "refsource": "MISC",
                  "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "assignerShortName": "Kaspersky",
        "cveId": "CVE-2021-35052",
        "datePublished": "2021-11-23T15:30:38.000Z",
        "dateReserved": "2021-06-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:33:50.733Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-27020 (GCVE-0-2020-27020)

    Vulnerability from nvd – Published: 2021-05-14 11:00 – Updated: 2024-08-04 16:03
    VLAI
    Summary
    Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Kaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOS Affected: KPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:03:23.260Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOS",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "KPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-14T11:00:04.000Z",
            "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
            "shortName": "Kaspersky"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnerability@kaspersky.com",
              "ID": "CVE-2020-27020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "KPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421",
                  "refsource": "MISC",
                  "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "assignerShortName": "Kaspersky",
        "cveId": "CVE-2020-27020",
        "datePublished": "2021-05-14T11:00:04.000Z",
        "dateReserved": "2020-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:03:23.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6306 (GCVE-0-2018-6306)

    Vulnerability from nvd – Published: 2018-04-19 13:00 – Updated: 2024-09-17 01:30
    VLAI
    Summary
    Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538.
    Severity
    No CVSS data available.
    CWE
    • Unauthorized code execution from specific DLL
    Assigner
    References
    Impacted products
    Date Public
    2018-04-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:48.695Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kaspersky Password Manager",
              "vendor": "Kaspersky Lab",
              "versions": [
                {
                  "status": "affected",
                  "version": "Before 8.0.6.538"
                }
              ]
            }
          ],
          "datePublic": "2018-04-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Unauthorized code execution from specific DLL",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-19T12:57:01.000Z",
            "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
            "shortName": "Kaspersky"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnerability@kaspersky.com",
              "DATE_PUBLIC": "2018-04-12T00:00:00",
              "ID": "CVE-2018-6306",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kaspersky Password Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Before 8.0.6.538"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kaspersky Lab"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Unauthorized code execution from specific DLL"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418",
                  "refsource": "CONFIRM",
                  "url": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "assignerShortName": "Kaspersky",
        "cveId": "CVE-2018-6306",
        "datePublished": "2018-04-19T13:00:00.000Z",
        "dateReserved": "2018-01-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:30:42.840Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-35052 (GCVE-0-2021-35052)

    Vulnerability from cvelistv5 – Published: 2021-11-23 15:30 – Updated: 2024-08-04 00:33
    VLAI
    Summary
    A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High.
    Severity
    No CVSS data available.
    CWE
    • LPE
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Kaspersky Password Manager for Windows Affected: KPM for Windows prior to 9.0.2 Patch R
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T00:33:50.733Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kaspersky Password Manager for Windows",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "KPM for Windows prior to 9.0.2 Patch R"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "LPE",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-11-29T10:06:04.000Z",
            "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
            "shortName": "Kaspersky"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnerability@kaspersky.com",
              "ID": "CVE-2021-35052",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kaspersky Password Manager for Windows",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "KPM for Windows prior to 9.0.2 Patch R"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A component in Kaspersky Password Manager could allow an attacker to elevate a process Integrity level from Medium to High."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "LPE"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121",
                  "refsource": "MISC",
                  "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#221121"
                },
                {
                  "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/",
                  "refsource": "MISC",
                  "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1335/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "assignerShortName": "Kaspersky",
        "cveId": "CVE-2021-35052",
        "datePublished": "2021-11-23T15:30:38.000Z",
        "dateReserved": "2021-06-18T00:00:00.000Z",
        "dateUpdated": "2024-08-04T00:33:50.733Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-27020 (GCVE-0-2020-27020)

    Vulnerability from cvelistv5 – Published: 2021-05-14 11:00 – Updated: 2024-08-04 16:03
    VLAI
    Summary
    Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation).
    Severity
    No CVSS data available.
    CWE
    • Information Disclosure
    Assigner
    References
    Impacted products
    Vendor Product Version
    n/a Kaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOS Affected: KPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:03:23.260Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOS",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "KPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Disclosure",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-14T11:00:04.000Z",
            "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
            "shortName": "Kaspersky"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnerability@kaspersky.com",
              "ID": "CVE-2020-27020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kaspersky Password Manager for Windows, Kaspersky Password Manager for Android, Kaspersky Password Manager for iOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "KPM for Windows prior to 9.2 Patch F, KPM for Android prior to 9.2.14.872, KPM for iOS prior to 9.2.14.31"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Password generator feature in Kaspersky Password Manager was not completely cryptographically strong and potentially allowed an attacker to predict generated passwords in some cases. An attacker would need to know some additional information (for example, time of password generation)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Disclosure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421",
                  "refsource": "MISC",
                  "url": "https://support.kaspersky.com/general/vulnerability.aspx?el=12430#270421"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "assignerShortName": "Kaspersky",
        "cveId": "CVE-2020-27020",
        "datePublished": "2021-05-14T11:00:04.000Z",
        "dateReserved": "2020-10-12T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:03:23.260Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6306 (GCVE-0-2018-6306)

    Vulnerability from cvelistv5 – Published: 2018-04-19 13:00 – Updated: 2024-09-17 01:30
    VLAI
    Summary
    Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538.
    Severity
    No CVSS data available.
    CWE
    • Unauthorized code execution from specific DLL
    Assigner
    References
    Impacted products
    Date Public
    2018-04-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:01:48.695Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Kaspersky Password Manager",
              "vendor": "Kaspersky Lab",
              "versions": [
                {
                  "status": "affected",
                  "version": "Before 8.0.6.538"
                }
              ]
            }
          ],
          "datePublic": "2018-04-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Unauthorized code execution from specific DLL",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-04-19T12:57:01.000Z",
            "orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
            "shortName": "Kaspersky"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vulnerability@kaspersky.com",
              "DATE_PUBLIC": "2018-04-12T00:00:00",
              "ID": "CVE-2018-6306",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Kaspersky Password Manager",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Before 8.0.6.538"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Kaspersky Lab"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Unauthorized code execution from specific DLL"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418",
                  "refsource": "CONFIRM",
                  "url": "https://support.kaspersky.com/vulnerability.aspx?el=12430#120418"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
        "assignerShortName": "Kaspersky",
        "cveId": "CVE-2018-6306",
        "datePublished": "2018-04-19T13:00:00.000Z",
        "dateReserved": "2018-01-25T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:30:42.840Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }