CVE-2024-27359

Name of the Vulnerable Software and Affected Versions WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure Elements Endpoint Protection for Mac versions 17 and later WithSecure Linux Security 64 version 12.0 WithSecure Linux Protection version 12.0 WithSecure Atlant version 1.0.35-1

Description The issue is related to the engine scanner going into an infinite loop when processing an archive file, which can cause a Denial of Service. This is due to insufficient input validation. A remote attacker can exploit this issue to cause a denial of service.

Recommendations For WithSecure Client Security version 15, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Server Security version 15, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Email and Server Security version 15, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Elements Endpoint Protection versions 17 and later, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Client Security for Mac version 15, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Linux Security 64 version 12.0, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Linux Protection version 12.0, update to a version that fixes the infinite loop issue in the engine scanner. For WithSecure Atlant version 1.0.35-1, update to a version that fixes the infinite loop issue in the engine scanner.