KLA10234
Multiple vulnerabilities in Kaspersky products
Updated: 06/01/2019
Detect date
?
04/05/2007
Severity
?
Critical
Description

Multiple critical vulnerabilities have been found in Kaspersky Anti-Virus and Kaspersky Internet Security. Malicious users can exploit these vulnerabilities to execute arbitrary code or read & overwrite local files. Below is a complete list of vulnerabilities

  1. An integer overflow can be exploited remotely via a specially designed data size argument;
  2. Unknown vectors related to file downloading and uploading can be exploited remotely via specially designed arguments;
  3. A buffer overflow can be exploited remotely via specially designed ARJ files.
Affected products

Kaspersky Anti-Virus version 6.0
Kaspersky Internet Security version 6.0

Solution

Update to latest version

Impacts
?
ACE 
[?]

WLF 
[?]

RLF 
[?]
CVE-IDS
?
CVE-2007-044510.0Critical
CVE-2007-111210.0Critical
CVE-2007-18799.3Critical
CVE-2007-18806.6High