Vulnerability Details CVE-2007-1669
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.159
EPSS Ranking 94.3%
CVSS Severity
CVSS v2 Score 7.8
References
- http://secunia.com/advisories/25122
- http://secunia.com/advisories/25315
- http://securityreason.com/securityalert/2680
- http://www.amavis.org/security/asa-2007-2.txt
- http://www.attrition.org/pipermail/vim/2007-July/001725.html
- http://www.osvdb.org/35795
- http://www.securityfocus.com/archive/1/467646/100/0/threaded
- http://www.securityfocus.com/bid/23823
- http://www.vupen.com/english/advisories/2007/1699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34080
- http://secunia.com/advisories/25122
- http://secunia.com/advisories/25315
- http://securityreason.com/securityalert/2680
- http://www.amavis.org/security/asa-2007-2.txt
- http://www.attrition.org/pipermail/vim/2007-July/001725.html
- http://www.osvdb.org/35795
- http://www.securityfocus.com/archive/1/467646/100/0/threaded
- http://www.securityfocus.com/bid/23823
- http://www.vupen.com/english/advisories/2007/1699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34080
Products affected by CVE-2007-1669
-
cpe:2.3:a:amavis:amavis:*
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3
-
cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4