Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner prior to 5.0.98 allow remote malicious users to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kaspersky lab online scanner |