PT-2007-1610 · Kaspersky · Kaspersky Antivirus Engine

Published

2007-01-09

Updated

2017-07-29

CVE-2007-0125

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Kaspersky Labs Antivirus Engine versions 6.0 for Windows and 5.5 through 10 for Linux before 20070102

Description The issue allows remote attackers to cause a denial of service due to CPU consumption by scanning a crafted portable executable file. This occurs when the software encounters an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a PE file, resulting in an infinite loop.

Recommendations For Kaspersky Labs Antivirus Engine versions 6.0 for Windows and 5.5 through 10 for Linux before 20070102, update to a version released after 20070102 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0125

Affected Products

Kaspersky Antivirus Engine

PT-2007-1610 · Kaspersky · Kaspersky Antivirus Engine

CVE-2007-0125

Related Identifiers

Affected Products

References · 8