Kaspersky Password Manager 5.x < HTML Injection

This script is Copyright (C) 2012-2015 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has a password manager installed that is
affected by an HTML injection vulnerability.

Description :

The version of Kaspersky Password Manager installed on the remote
Windows host is 5.x prior to As such, it is potentially
affected by an HTML injection vulnerability.

A remote attacker can trick a user into visiting a malicious website and
into saving malicious code from the site when the application's password
management features are used. Later, the user could trigger the
malicious code when using Password Manager's export functionality.

See also :


Solution :

Upgrade to Kaspersky Password Manager or later.

Risk factor :

Low / CVSS Base Score : 2.6
CVSS Temporal Score : 2.5
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 62800 ()

Bugtraq ID: 54760


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now