CVSS: 10.0EPSS: 19%CPEs: 4EXPL: 0CVE-2007-0445 – Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-0445
05 Apr 2007 — Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote attackers to execute arbitrary code via crafted ARJ archives. Desbordamiento de búfer basado en pila en el módulo arj.ppl en OnDemand Scanner en Kaspersky Anti-Virus, Anti-Virus para estaciones de trabajo, y Anti-Virus para File Servers 6.0, e Internet Security 6.0 ... • http://secunia.com/advisories/24778 •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 0CVE-2007-1112 – Kaspersky Antivirus ActiveX Unsafe Methods Vulnerability
https://notcve.org/view.php?id=CVE-2007-1112
05 Apr 2007 — Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b) AXKLSYSINFOLib.SysInfo (AxKLSysInfo.dll) ActiveX controls, which allows remote attackers to "download" or delete arbitrary files via crafted arguments to the (1) DeleteFile, (2) StartBatchUploading, (3) StartStrBatchUploading, or (4) StartUploading methods. Kaspersky Anti-Virus 6.0 e Internet Security 6.0 revela métodos no seguros en los controles ActiveX (a) AXKLPROD60Lib.KA... • http://secunia.com/advisories/24778 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 4CVE-2006-4926 – Kaspersky Internet Security 6.0.0.303 - IOCTL KLICK Local Overflow / Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-4926
20 Oct 2006 — The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs Anti-Virus 6.0.0.303 and other Anti-Virus and Internet Security products, allows local users to execute arbitrary code via crafted Irp structure with invalid addresses in the 0x80052110 IOCTL. El NDIS-TDI Hooking Engine, según lo utilizado en (1) KLICK (KLICK.SYS) y (2) KLIN (KLIN.SYS) en los controladores de dispositivos 2.0.0.281 en Kaspersky Labs Anti-Virus 6.0.0.303 y ... • https://www.exploit-db.com/exploits/2676 •
CVSS: 5.5EPSS: 3%CPEs: 7EXPL: 1CVE-2006-3074 – Kaspersky Internet Security 6.0 - SSDT Hooks Multiple Local Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-3074
19 Jun 2006 — klif.sys in Kaspersky Internet Security 6.0 and 7.0, Kaspersky Anti-Virus (KAV) 6.0 and 7.0, KAV 6.0 for Windows Workstations, and KAV 6.0 for Windows Servers does not validate certain parameters to the (1) NtCreateKey, (2) NtCreateProcess, (3) NtCreateProcessEx, (4) NtCreateSection, (5) NtCreateSymbolicLinkObject, (6) NtCreateThread, (7) NtDeleteValueKey, (8) NtLoadKey2, (9) NtOpenKey, (10) NtOpenProcess, (11) NtOpenSection, and (12) NtQueryValueKey hooked system calls, which allows local users to cause a ... • https://www.exploit-db.com/exploits/30192 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •