Multiple vulnerabilities in Kaspersky products

Description

Multiple critical vulnerabilities have been found in Kaspersky Anti-Virus and Kaspersky Internet Security. Malicious users can exploit these vulnerabilities to execute arbitrary code or read & overwrite local files. Below is a complete list of vulnerabilities

1. An integer overflow can be exploited remotely via a specially designed data size argument;
2. Unknown vectors related to file downloading and uploading can be exploited remotely via specially designed arguments;
3. A buffer overflow can be exploited remotely via specially designed ARJ files.

Original advisories

Related products

• Kaspersky-Internet-Security
• Kaspersky-Anti-Virus

CVE list

• CVE-2007-0445
  critical
• CVE-2007-1112
  critical
• CVE-2007-1879
  critical
• CVE-2007-1880
  high

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com