Computer Security
[EN] securityvulns.ru no-pyccku


Multiple Zoo archivers DoS
Published:07.05.2007
Source:
SecurityVulns ID:7671
Type:library
Threat Level:
5/10
Description:Endless loop on archive content parsing.
Affected:ZOO : zoo 2.10
 ALWIL : avast! Antivirus 4.7
 BARRACUDA : Spam Firewall 3.4
CVE:CVE-2007-1673 (unzoo.c allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.)
 CVE-2007-1672 (avast! antivirus before 4.7.981 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.)
 CVE-2007-1671 (avpack32.dll before 7.3.0.6 in Avira AntiVir allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.)
 CVE-2007-1670 (Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.)
 CVE-2007-1669 (Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, and Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.)
Original documentdocumentJean-Sébastien Guay-Leroux, Multiple vendors ZOO file decompression infinite loop DoS (07.05.2007)
Files:Exploits Multiple vendors ZOO file decompression infinite loop DoS
 patch for the software zoo version 2.10

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod