Kaspersky Lab : Security Vulnerabilities, CVEs, Published In 2007 (Code Execution) CVSS score >= 2
Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows.
Max CVSS: 9.3
EPSS Score: 11.95%
Published: 2007-10-12
Updated: 2017-07-29
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.
Max CVSS: 6.6
EPSS Score: 0.11%
Published: 2007-04-06
Updated: 2017-07-29
Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.
Max CVSS: 10.0
EPSS Score: 56.26%
Published: 2007-04-06
Updated: 2018-10-16
3 vulnerabilities found