ActiveX Vulnerability in Kaspersky Anti-Virus and Internet Security Products
CVE-2007-1112

Currently unrated

What is CVE-2007-1112?

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 are affected by a vulnerability that exposes unsafe methods in two ActiveX controls, AxKLProd60.dll and AxKLSysInfo.dll. This flaw allows remote attackers to execute crafted commands that can result in unauthorized downloading or deletion of arbitrary files. Exploitation occurs through manipulation of methods such as DeleteFile, StartBatchUploading, StartStrBatchUploading, or StartUploading. Users should prioritize updates to mitigate potential security risks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.