返回 CVE 瀏覽器

CVE-2007-0445

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1630%

EPSS Percentile22.94th

Published2007年4月6日

Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives.

Affected Platforms (CPE)

📦

Kaspersky Lab

Kaspersky Anti Virus

= 6.0

📦

Kaspersky Lab

Kaspersky Anti Virus

= 6.0

📦

Kaspersky Lab

Kaspersky Anti Virus

= 6.0

📦

Kaspersky Lab

Kaspersky Internet Security

<= 6.0

References & Advisories

🔗 http://secunia.com/advisories/24778

🔗 http://www.kaspersky.com/technews?id=203038693

🔗 http://www.kaspersky.com/technews?id=203038694

🔗 http://www.securityfocus.com/archive/1/464878/100/0/threaded

🔗 http://www.securityfocus.com/bid/23346

🔗 http://www.securitytracker.com/id?1017882

🔗 http://www.securitytracker.com/id?1017883

🔗 http://www.vupen.com/english/advisories/2007/1268

相關漏洞威脅

CVE-2007-111210.0

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and ...

CVE-2017-98119.8

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pac...

CVE-2007-18799.3

The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 ...

CVE-2017-98108.8

There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance P...