ActiveX Vulnerability in Kaspersky Anti-Virus and Internet Security Products
CVE-2007-1112

Currently unrated

Key Information:

Vendor

kaspersky
Status
Kaspersky Anti-virus
Kaspersky Internet Security
Vendor
CVE Published:
6 April 2007

What is CVE-2007-1112?

Kaspersky Anti-Virus 6.0 and Internet Security 6.0 are affected by a vulnerability that exposes unsafe methods in two ActiveX controls, AxKLProd60.dll and AxKLSysInfo.dll. This flaw allows remote attackers to execute crafted commands that can result in unauthorized downloading or deletion of arbitrary files. Exploitation occurs through manipulation of methods such as DeleteFile, StartBatchUploading, StartStrBatchUploading, or StartUploading. Users should prioritize updates to mitigate potential security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1017884
vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id?1017885
vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/24778
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.