Vulnerabilities > CVE-2007-1112 - Unspecified vulnerability in Kaspersky LAB Kaspersky Anti-Virus and Kaspersky Internet Security

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

kaspersky-lab

nessus

NVD

Published: 2007-04-06

Updated: 2024-11-21

Summary

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods.

Vulnerable Configurations

Part	Description	Count
Application	Kaspersky_Lab Kaspersky LAB Kaspersky Anti Virus 6.0 Kaspersky LAB Kaspersky Internet Security 6.0	2

Nessus

NASL family	Windows
NASL id	KASPERSKY_AV6_MULT_VULNS.NASL
description	The version of the Kaspersky antivirus product installed on the remote host may be affected by buffer overflow, privilege escalation, and information disclosure vulnerabilities, depending on the actual product installed.
last seen	2020-06-01
modified	2020-06-02
plugin id	25021
published	2007-04-10
reporter	This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/25021
title	Kaspersky Anti-Virus < 6.0.2.614 Multiple Vulnerabilities

Summary

Vulnerable Configurations

Nessus

References