PT-2007-1610 · Kaspersky · Kaspersky Antivirus Engine

Publicado

2007-01-09

Atualizado

2017-07-29

CVE-2007-0125

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Kaspersky Labs Antivirus Engine versions 6.0 for Windows and 5.5 through 10 for Linux before 20070102

Description The issue allows remote attackers to cause a denial of service due to CPU consumption by scanning a crafted portable executable file. This occurs when the software encounters an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a PE file, resulting in an infinite loop.

Recommendations For Kaspersky Labs Antivirus Engine versions 6.0 for Windows and 5.5 through 10 for Linux before 20070102, update to a version released after 20070102 to resolve the issue.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-0125

Produtos afetados

Kaspersky Antivirus Engine

PT-2007-1610 · Kaspersky · Kaspersky Antivirus Engine

CVE-2007-0125

Identificadores relacionados

Produtos afetados

Referências · 8