Kaspersky Anti-virus Security Vulnerabilities and Issues — Kaspersky Anti-virus CVE List

Lucene search

Kaspersky LabKaspersky Anti-virus

8 matches found

CVE•added 2007/04/06 12:19 a.m.•64 views

CVE-2007-1879

The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. N...

9.3CVSS6.5AI score0.03907EPSS

CVE•added 2007/04/06 12:19 a.m.•63 views

CVE-2007-0445

Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ a...

10CVSS8AI score0.19686EPSS

CVE•added 2007/04/06 12:19 a.m.•53 views

CVE-2007-1112

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) Del...

10CVSS6.6AI score0.03907EPSS

CVE•added 2007/04/06 12:19 a.m.•51 views

CVE-2007-1881

Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.

6.8CVSS6.5AI score0.00133EPSS

CVE•added 2007/09/26 10:17 a.m.•47 views

CVE-2007-5086

Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor Table (SSDT) and Shadow SSDT function handlers, which allows local users to cause a denial of service (crash) via the (1) NtUserSendInput, (2) LoadLibraryA, (3) Nt...

2.1CVSS6.2AI score0.00061EPSS

CVE•added 2007/10/23 1:0 a.m.•44 views

CVE-2003-1443

Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com.

4.4CVSS6.7AI score0.00052EPSS

CVE•added 2007/04/06 12:19 a.m.•43 views

CVE-2007-1880

Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "d...

6.6CVSS7.7AI score0.0007EPSS

CVE•added 2007/10/23 1:0 a.m.•33 views

CVE-2003-1444

Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.

4.4CVSS6.9AI score0.00052EPSS