CVE-2007-1669

Name of the Vulnerable Software and Affected Versions: zoo decoder version 2.10 Barracuda Spam Firewall versions 3.4 and later with virusdef before 2.0.6399 Spam Firewall versions prior to 3.4 20070319 with virusdef before 2.0.6399 AMaViS versions 2.4.1 and earlier

Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop. This can be achieved by using a ZOO archive with a direntry structure that points to a previous file.

Recommendations: For zoo decoder version 2.10, update to a version that is not affected by this issue. For Barracuda Spam Firewall versions 3.4 and later, update virusdef to version 2.0.6399 or later. For Spam Firewall versions prior to 3.4 20070319, update to version 3.4 20070319 or later and ensure virusdef is updated to version 2.0.6399 or later. For AMaViS versions 2.4.1 and earlier, update to a version later than 2.4.1.