Vulnerabilities > Kaspersky LAB > Kaspersky Internet Security > 6.0

DATE	CVE	VULNERABILITY TITLE	RISK
2008-06-05	CVE-2008-1518	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Kaspersky LAB Kaspersky Anti-Virus and Kaspersky Internet Security Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call. local low complexity kaspersky-lab CWE-119	7.2
2007-04-06	CVE-2007-1112	Unspecified vulnerability in Kaspersky LAB Kaspersky Anti-Virus and Kaspersky Internet Security Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods. network low complexity kaspersky-lab critical	10.0
2006-10-20	CVE-2006-4926	Local Privilege Escalation vulnerability in Kaspersky Labs Anti-Virus NDIS-TDI Hooking Engine The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL. local low complexity kaspersky-lab	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.