10
CVE-2007-2967
- EPSS 4.79%
- Veröffentlicht 31.05.2007 23:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
F-secure ≫ F-secure Anti-virus Editionlinux_gateways Version <= 4.65
F-secure ≫ F-secure Anti-virus Editionlinux_servers Version <= 4.65
F-secure ≫ F-secure Anti-virus Editionwindows_servers Version <= 5.42
F-secure ≫ F-secure Anti-virus Editionworkstations Version <= 5.44
F-secure ≫ F-secure Anti-virus Editioncitrix_servers Version <= 5.52
F-secure ≫ F-secure Anti-virus Editionmimesweeper Version <= 5.61
F-secure ≫ F-secure Anti-virus Editionms_exchange Version <= 6.40
F-secure ≫ F-secure Anti-virus Version2005
F-secure ≫ F-secure Anti-virus Version2006
F-secure ≫ F-secure Anti-virus Version2007
F-secure ≫ F-secure Anti-virus Client Security Version <= 6.03
F-secure ≫ F-secure Anti-virus Linux Client Security Version <= 5.30
F-secure ≫ F-secure Anti-virus Linux Server Security Version <= 5.30
F-secure ≫ F-secure Internet Security Version2005
F-secure ≫ F-secure Internet Security Version2006
F-secure ≫ F-secure Internet Security Version2007
F-secure ≫ F-secure Protection Service Editionconsumers Version <= 6.40
F-secure ≫ Internet Gatekeeper Editionlinux Version <= 2.16
F-secure ≫ Internet Gatekeeper Version <= 6.60
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.79% | 0.908 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.securitytracker.com/id?1018146
http://www.securitytracker.com/id?1018148
http://www.vupen.com/english/advisories/2007/1985
http://securitytracker.com/id?1018147
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html
http://osvdb.org/36725
http://osvdb.org/36726
http://secunia.com/advisories/25440
http://www.f-secure.com/security/fsc-2007-3.shtml
http://www.nruns.com/security_advisory_fsecure_arj.php
http://www.nruns.com/security_advisory_fsecure_fsg.php
http://www.securityfocus.com/archive/1/470462/100/0/threaded
http://www.securityfocus.com/archive/1/470484/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/34581