// For flags

CVE-2007-1281

 

Severity Score

7.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Kaspersky AntiVirus Engine 6.0.1.411 for Windows and 5.5-10 for Linux allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression.

Kaspersky AntiVirus Engine 6.0.1.411 para Windows y 5.5-10 para Linux permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU) mediante un archivo comprimido con UPX manipulado con un desplazamiento (offset) negativo, lo cual dispara un bucle infinito durante la extracción.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-03-05 CVE Reserved
  • 2007-03-06 CVE Published
  • 2024-02-15 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Kaspersky Lab
Search vendor "Kaspersky Lab"
Kaspersky Antivirus Engine
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine"
6.0.1.411
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine" and version "6.0.1.411"
-
Affected
in Microsoft
Search vendor "Microsoft"
All Windows
Search vendor "Microsoft" for product "All Windows"
abstract_cpe
Search vendor "Microsoft" for product "All Windows" and version "abstract_cpe"
-
Safe
Kaspersky Lab
Search vendor "Kaspersky Lab"
Kaspersky Antivirus Engine
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine"
5.5.10
Search vendor "Kaspersky Lab" for product "Kaspersky Antivirus Engine" and version "5.5.10"
-
Affected
in Linux
Search vendor "Linux"
Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
*ia32_64-bit
Safe