Vulnerability Details CVE-2007-2967
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.092
EPSS Ranking 92.2%
CVSS Severity
CVSS v2 Score 10.0
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html
- http://osvdb.org/36725
- http://osvdb.org/36726
- http://secunia.com/advisories/25440
- http://securitytracker.com/id?1018147
- http://www.f-secure.com/security/fsc-2007-3.shtml
- http://www.nruns.com/security_advisory_fsecure_arj.php
- http://www.nruns.com/security_advisory_fsecure_fsg.php
- http://www.securityfocus.com/archive/1/470462/100/0/threaded
- http://www.securityfocus.com/archive/1/470484/100/0/threaded
- http://www.securitytracker.com/id?1018146
- http://www.securitytracker.com/id?1018148
- http://www.vupen.com/english/advisories/2007/1985
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34581
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html
- http://osvdb.org/36725
- http://osvdb.org/36726
- http://secunia.com/advisories/25440
- http://securitytracker.com/id?1018147
- http://www.f-secure.com/security/fsc-2007-3.shtml
- http://www.nruns.com/security_advisory_fsecure_arj.php
- http://www.nruns.com/security_advisory_fsecure_fsg.php
- http://www.securityfocus.com/archive/1/470462/100/0/threaded
- http://www.securityfocus.com/archive/1/470484/100/0/threaded
- http://www.securitytracker.com/id?1018146
- http://www.securitytracker.com/id?1018148
- http://www.vupen.com/english/advisories/2007/1985
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34581
Products affected by CVE-2007-2967
-
cpe:2.3:a:f-secure:f-secure_anti-virus:*
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2005
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2006
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2007
-
cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*
-
cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*
-
cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*
-
cpe:2.3:a:f-secure:f-secure_internet_security:2005
-
cpe:2.3:a:f-secure:f-secure_internet_security:2006
-
cpe:2.3:a:f-secure:f-secure_internet_security:2007
-
cpe:2.3:a:f-secure:f-secure_protection_service:*
-
cpe:2.3:a:f-secure:internet_gatekeeper:*
-
cpe:2.3:a:f-secure:internet_gatekeeper:-