CVE-2019-8286

Name of the Vulnerable Software and Affected Versions Kaspersky Anti-Virus versions up to 2019 Kaspersky Internet Security versions up to 2019 Kaspersky Total Security versions up to 2019 Kaspersky Free Anti-Virus (affected versions not specified) Kaspersky Small Office Security (affected versions not specified)

Description The issue is related to information disclosure in Kaspersky antivirus products. It could potentially disclose a unique Product ID by forcing the victim to visit a specially crafted webpage, such as via clicking a phishing link. This could allow a remote attacker to reveal protected information using a specially formed web page. The flaw may have allowed online trackers to identify users without using browser cookies.

Recommendations For Kaspersky Anti-Virus versions up to 2019, update to a version later than 2019 to resolve the issue. For Kaspersky Internet Security versions up to 2019, update to a version later than 2019 to resolve the issue. For Kaspersky Total Security versions up to 2019, update to a version later than 2019 to resolve the issue. For Kaspersky Free Anti-Virus, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Kaspersky Small Office Security, at the moment, there is no information about a newer version that contains a fix for this vulnerability.