Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2007-04-06 00:19
Updated : 2024-02-28 11:01
NVD link : CVE-2007-1112
Mitre link : CVE-2007-1112
CVE.ORG link : CVE-2007-1112
JSON object : View
Products Affected
kaspersky_lab
- kaspersky_anti-virus
- kaspersky_internet_security
CWE