CVE-2007-1880

Currently unrated

Key Information:

Vendor: kaspersky
Status: Kaspersky Anti-virus; Kaspersky Internet Security
Vendor: CVE Published:; 6 April 2007

Summary

Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.

References

http://www.osvdb.org/33851

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/23326

vdb-entryx_refsource_BID

http://secunia.com/advisories/24778

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 6, 2007
Vulnerability Reserved
Apr 5, 2007