// For flags

CVE-2007-0125

 

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a portable executable (PE) file, which allows remote attackers to cause a denial of service (CPU consumption) by scanning a crafted PE file.

Kaspersky Labs Antivirus Engine 6.0 para Windows y 5.5-10 para Linux anterior al 02/01/2007 entran en un bucle infinito tras encontrar un valor NumberOfRvaAndSizes inválido en la Cabecera Opcional de Windows (Optional Windows Header) de un ejecutable portátil (Portable Executable o PE), lo cual permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) con el escaneo de un archivo PE manipulado.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-01-08 CVE Reserved
  • 2007-01-09 CVE Published
  • 2024-03-06 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Kaspersky Lab
Search vendor "Kaspersky Lab"
Kaspersky Antivirus Engine
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine"
5.5.10
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine" and version "5.5.10"
linux
Affected
Kaspersky Lab
Search vendor "Kaspersky Lab"
Kaspersky Antivirus Engine
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine"
6.0
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine" and version "6.0"
windows
Affected