CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0445

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1630%
EPSS Percentile22.94th
PublishedApr 6, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.

Affected Platforms (CPE)

πŸ“¦
Kaspersky Lab

Kaspersky Anti Virus

= 6.0
πŸ“¦
Kaspersky Lab

Kaspersky Anti Virus

= 6.0
πŸ“¦
Kaspersky Lab

Kaspersky Anti Virus

= 6.0
πŸ“¦
Kaspersky Lab

Kaspersky Internet Security

<= 6.0

References & Advisories

πŸ”— http://secunia.com/advisories/24778
πŸ”— http://www.kaspersky.com/technews?id=203038693
πŸ”— http://www.kaspersky.com/technews?id=203038694
πŸ”— http://www.securityfocus.com/archive/1/464878/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/23346
πŸ”— http://www.securitytracker.com/id?1017882
πŸ”— http://www.securitytracker.com/id?1017883
πŸ”— http://www.vupen.com/english/advisories/2007/1268

Related Vulnerabilities

CVE-2007-111210.0

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and ...

CVE-2017-98119.8

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pac...

CVE-2007-18799.3

The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 ...

CVE-2017-98108.8

There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance P...