GCVE - cpe:2.3:a:kaspersky:anti-virus_for_linux

Approved changes feed: RSS · Atom

cpe:2.3:a:kaspersky:anti-virus_for_linux_server:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Kaspersky (`0e3919d1-d2ab-5693-bce6-610f4c2052a6`)
Product	Anti Virus For Linux Server (`6373738b-dea5-5079-81d6-3e941bf8a68d`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-9813`	vulnerable	2026-06-03 14:37:42.339682	Details available In Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312), the scriptName parameter of the licenseKeyInfo action method is vulnerable to cross-site scripting (XSS). Published: 2017-07-17T21:00:00.000Z Updated: 2024-08-05T17:18:02.206Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2017/Jun/33 http://packetstormsecurity.com/files/143190/Kaspersky-Anti-Virus-File-Server-8.0.3.297-XSS-CSRF-Code-Execution.html http://www.securityfocus.com/bid/99330 http://www.securitytracker.com/id/1038798 https://www.exploit-db.com/exploits/42269/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9812`	vulnerable	2026-06-03 14:37:42.339301	Details available The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges. Published: 2017-07-17T21:00:00.000Z Updated: 2024-08-05T17:18:02.195Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2017/Jun/33 http://packetstormsecurity.com/files/143190/Kaspersky-Anti-Virus-File-Server-8.0.3.297-XSS-CSRF-Code-Execution.html http://www.securityfocus.com/bid/99330 http://www.securitytracker.com/id/1038798 https://www.exploit-db.com/exploits/42269/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9811`	vulnerable	2026-06-03 14:37:42.338910	Details available The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). By abusing the quarantine read and write operations, it is possible to elevate the privileges to root. Published: 2017-07-17T21:00:00.000Z Updated: 2024-08-05T17:18:01.924Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2017/Jun/33 http://packetstormsecurity.com/files/143190/Kaspersky-Anti-Virus-File-Server-8.0.3.297-XSS-CSRF-Code-Execution.html http://www.securityfocus.com/bid/99330 http://www.securitytracker.com/id/1038798 https://www.exploit-db.com/exploits/42269/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9810`	vulnerable	2026-06-03 14:37:42.338425	Details available There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain. Published: 2017-07-17T21:00:00.000Z Updated: 2024-08-05T17:18:01.913Z Open on db.gcve.eu Reference links http://seclists.org/fulldisclosure/2017/Jun/33 http://packetstormsecurity.com/files/143190/Kaspersky-Anti-Virus-File-Server-8.0.3.297-XSS-CSRF-Code-Execution.html http://www.securityfocus.com/bid/99330 http://www.securitytracker.com/id/1038798 https://www.exploit-db.com/exploits/42269/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Anti Virus For Linux Server

PURL mappings

Vulnerability references

Contribute