Lucene search

[email protected]CVE-2007-2967

HistoryMay 31, 2007 - 11:30 p.m.

CVE-2007-2967

2007-05-3123:30:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2007-2967

f-secure

anti-virus

denial of service

vulnerability

nvd

file scanning

infinite loop

arj archives

fsg packed files

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.036 Low

EPSS

Percentile

91.6%

JSON

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.

CPENameOperatorVersion
f-secure:f-secure_anti-virusf-secure f-secure anti-virusle5.61
f-secure:internet_gatekeeperf-secure internet gatekeeperle2.16
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq2006
f-secure:f-secure_anti-virus_linux_client_securityf-secure f-secure anti-virus linux client securityle5.30
f-secure:f-secure_anti-virusf-secure f-secure anti-virusle5.52
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq2005
f-secure:f-secure_anti-virus_client_securityf-secure f-secure anti-virus client securityle6.03
f-secure:f-secure_protection_servicef-secure f-secure protection servicele6.40
f-secure:f-secure_anti-virusf-secure f-secure anti-virusle4.65
f-secure:f-secure_anti-virusf-secure f-secure anti-virusle5.42

CPE	Name	Operator	Version
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	le	5.61
f-secure:internet_gatekeeper	f-secure internet gatekeeper	le	2.16
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	2006
f-secure:f-secure_anti-virus_linux_client_security	f-secure f-secure anti-virus linux client security	le	5.30
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	le	5.52
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	2005
f-secure:f-secure_anti-virus_client_security	f-secure f-secure anti-virus client security	le	6.03
f-secure:f-secure_protection_service	f-secure f-secure protection service	le	6.40
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	le	4.65
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	le	5.42

Rows per page:

1-10 of 181

References

lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html

lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html

osvdb.org/36725

osvdb.org/36726

secunia.com/advisories/25440

securitytracker.com/id?1018147

www.f-secure.com/security/fsc-2007-3.shtml

www.nruns.com/security_advisory_fsecure_arj.php

www.nruns.com/security_advisory_fsecure_fsg.php

www.securityfocus.com/archive/1/470462/100/0/threaded

www.securityfocus.com/archive/1/470484/100/0/threaded

www.securitytracker.com/id?1018146

www.securitytracker.com/id?1018148

www.vupen.com/english/advisories/2007/1985

exchange.xforce.ibmcloud.com/vulnerabilities/34581

7.5 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.036 Low

EPSS

Percentile

91.6%

JSON

Related for CVE-2007-2967

prion1 cvelist1