### [CVE-2007-3675](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3675)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Multiple format string vulnerabilities in the kavwebscan.CKAVWebScan ActiveX control (kavwebscan.dll) in Kaspersky Online Scanner before 5.0.98 allow remote attackers to execute arbitrary code via format string specifiers in "various string formatting functions," which trigger heap-based buffer overflows.

### POC

#### Reference
- http://www.kaspersky.com/news?id=207575572

#### Github
No PoCs found on GitHub currently.