Vulnerabilities > CVE-2007-1880 - Unspecified vulnerability in Kaspersky LAB Kaspersky Anti-Virus and Kaspersky Internet Security

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

kaspersky-lab

nessus

NVD

Published: 2007-04-06

Updated: 2024-11-21

Summary

Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.

Vulnerable Configurations

Part	Description	Count
Application	Kaspersky_Lab Kaspersky LAB Kaspersky Anti Virus 6.0 Kaspersky LAB Kaspersky Anti Virus * Kaspersky LAB Kaspersky Internet Security *	4

Nessus

NASL family	Windows
NASL id	KASPERSKY_AV6_MULT_VULNS.NASL
description	The version of the Kaspersky antivirus product installed on the remote host may be affected by buffer overflow, privilege escalation, and information disclosure vulnerabilities, depending on the actual product installed.
last seen	2020-06-01
modified	2020-06-02
plugin id	25021
published	2007-04-10
reporter	This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/25021
title	Kaspersky Anti-Virus < 6.0.2.614 Multiple Vulnerabilities

Summary

Vulnerable Configurations

Nessus

References