Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-1881 — LAB Kaspersky Anti-virus vulnerability

6 documents4 sources

Severity

6.8MEDIUMNVD

EPSS

0.1%

top 65.95%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Kaspersky LAB Kaspersky Anti-virus Kaspersky LAB Kaspersky Internet Security

Timeline

PublishedApr 6

Latest updateMay 1

Description

Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows local users to gain Ring-0 privileges via unspecified vectors.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.1 | Impact: 10.0

Affected Packages2 packages

▶NVDkaspersky_lab/kaspersky_anti-virus6.0+1

▶NVDkaspersky_lab/kaspersky_internet_security6.0.1.411

🔴Vulnerability Details

GHSA

GHSA-4qvx-5c8m-ggvv: Unspecified vulnerability in KLIF (klif↗2022-05-01

▶

CVEList

CVE-2007-1881: Unspecified vulnerability in KLIF (klif↗2007-04-06

▶

💥Exploits & PoCs

Exploit-DB

VideoLAN VLC Media Player 0.8.6d SSA Parsing Double Sh311 - Universal↗2008-05-23

▶

Exploit-DB

Phorum 5.1.20 - 'pm.php' Recipient Name SQL Injection↗2007-04-23

▶

Exploit-DB

Kaspersky AntiVirus 6.0 - Local Privilege Escalation↗2007-01-15

▶