Computer Security
[EN] securityvulns.ru no-pyccku


Kaspersky Antivirus DoS
Published:06.01.2007
Source:
SecurityVulns ID:7005
Type:remote
Threat Level:
6/10
Description:Endless loop on invalid NumberOfRvaAndSizes field value of PE file.
Affected:KASPERSKY : Kaspersky Antivirus 6.0
 KASPERSKY : Kaspersky Antivirus 5.5
CVE:CVE-2007-0125 (Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a portable executable (PE) file, which allows remote attackers to cause a denial of service (CPU consumption) by scanning a crafted PE file.)
Original documentdocumentIDEFENSE, [Full-disclosure] iDefense Security Advisory 01.05.07: Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability (06.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod