Vulnerabilities > Kaspersky LAB > Kaspersky Internet Security > 6.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-05 | CVE-2008-1518 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Kaspersky LAB Kaspersky Anti-Virus and Kaspersky Internet Security Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain privileges via an IOCTL 0x800520e8 call. | 7.2 |
2007-04-06 | CVE-2007-1112 | Unspecified vulnerability in Kaspersky LAB Kaspersky Anti-Virus and Kaspersky Internet Security Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods. | 10.0 |
2006-10-20 | CVE-2006-4926 | Local Privilege Escalation vulnerability in Kaspersky Labs Anti-Virus NDIS-TDI Hooking Engine The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL. | 7.2 |