CVE-2007-1112
Published 2007-04-06
Priority: P342, critical, CVSS 2.0 score 10
CVSS vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS: 4.88% (91.0th percentile)
Kaspersky Anti-Virus 6.0 and Internet Security 6.0 expose unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kaspersky_lab | kaspersky_anti-virus | — | — |
| kaspersky_lab | kaspersky_internet_security | <= 6.0.1.411 | — |
| kaspersky_lab | kaspersky_internet_security | — | — |
GHSA
GHSA-q32c-8v8g-6597: Kaspersky Anti-Virus 6
ghsa_unreviewed·2022-05-01
CVE-2007-1112 [HIGH] GHSA-q32c-8v8g-6597: Kaspersky Anti-Virus 6
Kaspersky Anti-Virus 6.0 and Internet Security 6.0 expose unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods.
GHSA
GHSA-6h47-3rcf-qqpq: The StartUploading function in KL
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2007-1879 [CRITICAL] GHSA-6h47-3rcf-qqpq: The StartUploading function in KL
The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/24778
http://www.kaspersky.com/technews?id=203038694
http://www.securityfocus.com/archive/1/464882/100/0/threaded
http://www.securityfocus.com/bid/23345
http://www.securitytracker.com/id?1017884
http://www.securitytracker.com/id?1017885
http://www.vupen.com/english/advisories/2007/1268
http://www.zerodayinitiative.com/advisories/ZDI-07-014.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/33464
2007-04-06
Published