2 results (0.009 seconds)

CVSS: 4.3EPSS: 1%CPEs: 35EXPL: 0

Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash. Múltiples vulnerabilidades sin especificar en el motor de análisis anterior a 4.4.4 en el F-Prrot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio a través de (1) un fichero UPX-comppressed manipulado que provoca una caída del motor; (2) mediante un fichero Microsoft Office manipulado que lanza un bucle infinito o (3) mediante un fichero ASPack-compressed que provoca una caída del motor. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.securityfocus.com/bid/30258 https://exchange.xforce.ibmcloud.com/vulnerabilities/43868 https://exchange.xforce.ibmcloud.com/vulnerabilities/43869 https://exchange.xforce.ibmcloud.com/vulnerabilities/43870 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 1%CPEs: 35EXPL: 0

The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read. Motor de análisis anterior a 4.4.4 en F-Prot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio (caída de motor) a través de un fichero CHM con un valor nb_dir largo, lo que provoca una lectura fuera de rango. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php http://www.securityfocus.com/bid/30253 http://www.securitytracker.com/id?1020507 http://www.vupen.com/english/advisories/2008/2124/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43835 • CWE-20: Improper Input Validation •