7.8

CVE-2007-1669

Exploit
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AmavisAmavis Version <= 2.4.1
   Barracuda NetworksBarracuda Spam Firewall Version3.1.17
   Barracuda NetworksBarracuda Spam Firewall Version3.1.18
   Barracuda NetworksBarracuda Spam Firewall Version3.3.0.54
   Barracuda NetworksBarracuda Spam Firewall Version3.3.01.001
   Barracuda NetworksBarracuda Spam Firewall Version3.3.3
   Barracuda NetworksBarracuda Spam Firewall Version3.3.03.053
   Barracuda NetworksBarracuda Spam Firewall Version3.3.03.055
   Barracuda NetworksBarracuda Spam Firewall Version3.3.15.026
   Barracuda NetworksBarracuda Spam Firewall Version3.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12.18% 0.956
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/25122
Patch
Vendor Advisory
http://secunia.com/advisories/25315
Vendor Advisory
http://securityreason.com/securityalert/2680
http://www.amavis.org/security/asa-2007-2.txt
http://www.attrition.org/pipermail/vim/2007-July/001725.html
http://www.osvdb.org/35795
http://www.securityfocus.com/archive/1/467646/100/0/threaded
http://www.securityfocus.com/bid/23823
Exploit
http://www.vupen.com/english/advisories/2007/1699
https://exchange.xforce.ibmcloud.com/vulnerabilities/34080