The StartUploading function in KL.SysInfo ActiveX control (AxKLSysInfo.dll) in Kaspersky Anti-Virus 6.0 and Internet Security 6.0 before Maintenance Pack 2 build 6.0.2.614 allows remote malicious users to read arbitrary files by triggering an outbound anonymous FTP session that invokes the PUT command. NOTE: this issue might be related to CVE-2007-1112.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kaspersky lab kaspersky internet security |
||
kaspersky lab kaspersky anti-virus 6.0 |