CVE-2007-3675 Information

Description

Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in \various string formatting functions\ which trigger heap-based buffer overflows.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=606 http://secunia.com/advisories/27187 http://securitytracker.com/id?1018800 http://www.kaspersky.com/news?id=207575572 http://www.securityfocus.com/bid/26004 http://www.vupen.com/english/advisories/2007/3455 https://exchange.xforce.ibmcloud.com/vulnerabilities/37057