CVE-2007-1112

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:windows_workstation:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_internet_security:6.0:maintenance_pack_2:*:*:*:*:*:*

History

No history.

Information

Published : 2007-04-06 00:19

Updated : 2024-02-28 11:01


NVD link : CVE-2007-1112

Mitre link : CVE-2007-1112

CVE.ORG link : CVE-2007-1112


JSON object : View

Products Affected

kaspersky_lab

  • kaspersky_anti-virus
  • kaspersky_internet_security