Kaspersky Lab Kaspersky Internet Security — known CVE vulnerabilities
Every CVE whose affected-product data names Kaspersky Lab Kaspersky Internet Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2007-0445 — CVSS 10.0 (critical): Heap-based buffer overflow in the arj.ppl module in the OnDemand Scanner in Kaspersky Anti-Virus, Anti-Virus for Workstations, and…
CVE-2007-1112 — CVSS 10.0 (critical): Kaspersky Anti-Virus 6.0 and Internet Security 6.0 exposes unsafe methods in the (a) AXKLPROD60Lib.KAV60Info (AxKLProd60.dll) and (b)…
CVE-2007-1879 — CVSS 9.3 (critical): The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before…
CVE-2008-1518 — CVSS 7.2 (high): Stack-based buffer overflow in kl1.sys in Kaspersky Anti-Virus 6.0 and 7.0 and Internet Security 6.0 and 7.0 allows local users to gain…
CVE-2006-4926 — CVSS 7.2 (high): The NDIS-TDI Hooking Engine, as used in the (1) KLICK (KLICK.SYS) and (2) KLIN (KLIN.SYS) device drivers 2.0.0.281 for in Kaspersky Labs…
CVE-2007-1881 — CVSS 6.8 (medium): Unspecified vulnerability in KLIF (klif.sys) in Kaspersky Anti-Virus, Anti-Virus for Workstations, and Anti-Virus for File Servers 6.0, and…
CVE-2007-1880 — CVSS 6.6 (medium): Integer overflow in the _NtSetValueKey function in klif.sys in Kaspersky Anti-Virus, Anti-Virus for Workstations, Anti-Virus for File…
CVE-2007-5043 — CVSS 4.4 (medium): Kaspersky Internet Security 7.0.0.125 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function…
CVE-2007-5086 — CVSS 2.1 (low): Kaspersky Anti-Virus (KAV) and Internet Security 7.0 build 125 do not properly validate certain parameters to System Service Descriptor…