5

CVE-2007-0125

Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a portable executable (PE) file, which allows remote attackers to cause a denial of service (CPU consumption) by scanning a crafted PE file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Kaspersky LabKaspersky Antivirus Engine Version5.5.10 Editionlinux
Kaspersky LabKaspersky Antivirus Engine Version6.0 Editionwindows
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.57% 0.831
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=459
Vendor Advisory
http://osvdb.org/32588
http://secunia.com/advisories/23575
Vendor Advisory
http://securitytracker.com/id?1017476
http://www.securityfocus.com/bid/21901
http://www.vupen.com/english/advisories/2007/0067
https://exchange.xforce.ibmcloud.com/vulnerabilities/31315