Multiple Format String Vulnerabilities in Kaspersky Online Scanner ActiveX Control
CVE-2007-3675

Currently unrated

Key Information:

Vendor

kaspersky
Status
Online Scanner
Vendor
CVE Published:
12 October 2007

What is CVE-2007-3675?

The Kaspersky Online Scanner contains multiple format string vulnerabilities in its ActiveX control (kavwebscan.dll). These vulnerabilities allow remote attackers to execute arbitrary code by exploiting format string specifiers in various string manipulation functions. This issue can lead to heap-based buffer overflows, potentially compromising the security of affected systems. Users are strongly encouraged to update to version 5.0.98 or later to mitigate any risk associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.kaspersky.com/news?id=207575572
x_refsource_CONFIRM
http://securitytracker.com/id?1018800
vdb-entryx_refsource_SECTRACK
https://exchange.xforce.ibmcloud.com/vulnerabilities/37057
vdb-entryx_refsource_XF

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.