Unrated severityNVD Advisory· Published Oct 12, 2007· Updated Apr 23, 2026

CVE-2007-3675

Description

Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows.

Affected products

Kaspersky Lab/Online Scanner
cpe:2.3:a:kaspersky_lab:online_scanner:*:*:*:*:*:*:*:*
Range: <=5.0.93

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/27187nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.kaspersky.com/newsnvdPatch
www.securityfocus.com/bid/26004nvdPatch
labs.idefense.com/intelligence/vulnerabilities/display.phpnvd
www.vupen.com/english/advisories/2007/3455nvd
exchange.xforce.ibmcloud.com/vulnerabilities/37057nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000