2 results (0.007 seconds)

CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0

Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression. Kaspersky AntiVirus Engine 6.0.1.411 para Windows y 5.5-10 para Linux permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU) mediante un archivo comprimido con UPX manipulado con un desplazamiento (offset) negativo, lo cual dispara un bucle infinito durante la extracción. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=485 http://secunia.com/advisories/24391 http://www.securityfocus.com/bid/22795 http://www.securitytracker.com/id?1017718 http://www.vupen.com/english/advisories/2007/0810 https://exchange.xforce.ibmcloud.com/vulnerabilities/32797 •

CVSS: 5.0EPSS: 4%CPEs: 2EXPL: 0

Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a portable executable (PE) file, which allows remote attackers to cause a denial of service (CPU consumption) by scanning a crafted PE file. Kaspersky Labs Antivirus Engine 6.0 para Windows y 5.5-10 para Linux anterior al 02/01/2007 entran en un bucle infinito tras encontrar un valor NumberOfRvaAndSizes inválido en la Cabecera Opcional de Windows (Optional Windows Header) de un ejecutable portátil (Portable Executable o PE), lo cual permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) con el escaneo de un archivo PE manipulado. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=459 http://osvdb.org/32588 http://secunia.com/advisories/23575 http://securitytracker.com/id?1017476 http://www.securityfocus.com/bid/21901 http://www.vupen.com/english/advisories/2007/0067 https://exchange.xforce.ibmcloud.com/vulnerabilities/31315 •