Kingsoft Internet Security 2011 vulnerable to denial-of-service


Kingsoft Internet Security 2011 contains a denial-of-service (DoS) vulnerability.

Kingsoft Internet Security 2011 contains a vulnerability in the device driver, which may result in a denial-of-service (DoS).

Satoshi TANDA of Fourteenforty Research Institute Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 4.9 (Medium) [IPA Score]
  • Access Vector: Local
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: None
  • Integrity Impact: None
  • Availability Impact: Complete
Affected Products

  • Kingsoft Internet Security 2011

Note that Kingsoft Internet Security 2012 is not affected by this vulnerability.

An attacker that can login to the system with the software running may cause a denial-of-service (DoS).

[Update the Software]
Update to the latest version according to the information provided by the developer.

According to the developer, the automatic update which addresses this vulnerability has been provided since February 20, 2012.
Vendor Information

CWE (What is CWE?)

  1. No Mapping(CWE-Other) [IPA Evaluation]
CVE (What is CVE?)

  1. CVE-2012-0321

  1. JVN : JVN#31517714
  2. National Vulnerability Database (NVD) : CVE-2012-0321
Revision History

  • [2012/03/01]
      Web page was published