GCVE - cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:windows

Approved changes feed: RSS · Atom

cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:6.0:*:windows_workstation:*:*:*:*:*

part: a version: 6.0 update: *

Vendor	Kaspersky Lab (`b5f4462b-8575-5828-a714-cab051c30fb5`)
Product	Kaspersky Anti Virus (`ae985132-b760-5c8a-9fc0-1adb94428849`)
Edition	windows_workstation
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-1879`	vulnerable	2026-06-03 14:28:06.982912	Details available The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112. Published: 2007-04-06T00:00:00.000Z Updated: 2024-08-07T13:13:41.999Z Open on db.gcve.eu Reference links http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=504 http://secunia.com/advisories/24778 http://www.securitytracker.com/id?1017871 http://www.kaspersky.com/technews?id=203038694 http://www.vupen.com/english/advisories/2007/1268	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-1112`	vulnerable	2026-06-03 14:28:04.413483	Details available Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods. Published: 2007-04-06T00:00:00.000Z Updated: 2024-08-07T12:43:22.661Z Open on db.gcve.eu Reference links http://www.securitytracker.com/id?1017884 http://www.securitytracker.com/id?1017885 http://secunia.com/advisories/24778 http://www.kaspersky.com/technews?id=203038694 http://www.zerodayinitiative.com/advisories/ZDI-07-014.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-0445`	vulnerable	2026-06-03 14:27:56.727377	Details available Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives. Published: 2007-04-06T00:00:00.000Z Updated: 2024-08-07T12:19:30.325Z Open on db.gcve.eu Reference links http://www.zerodayinitiative.com/advisories/ZDI-07-013.html http://secunia.com/advisories/24778 http://www.securitytracker.com/id?1017882 http://www.kaspersky.com/technews?id=203038694 http://www.vupen.com/english/advisories/2007/1268	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Kaspersky Anti Virus

PURL mappings

Vulnerability references

Contribute