Back to search
CVE-2007-1880
Published: Apr 6, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File Server 6.0, and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows context-dependent attackers to execute arbitrary code via a large, unsigned "data size argument," which results in a heap overflow.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
33851
vdb-entry
x_refsource_OSVDB
23326
vdb-entry
x_refsource_BID
24778
third-party-advisory
x_refsource_SECUNIA
20070404 Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability
third-party-advisory
x_refsource_IDEFENSE
http://www.kaspersky.com/technews?id=203038694
x_refsource_CONFIRM
ADV-2007-1268
vdb-entry
x_refsource_VUPEN
1017873
vdb-entry
x_refsource_SECTRACK
kaspersky-klif-bo(33460)
vdb-entry
x_refsource_XF
1017872
vdb-entry
x_refsource_SECTRACK
http://www.kaspersky.com/technews?id=203038693
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now