Summary
The remote host is installed with F-PROT Antivirus, which is prone multiple denial of service vulnerabilities.
Impact
Remote attackers can easily crash the engine/service via specially crafted files.
Impact Level : Application.
Solution
Upgrade to latest F-PROT Antivirus or later.
http://www.f-prot.com/download/
Insight
The issues are due to,
- input validation error while processing the nb_dir field of CHM file's header.
- improper handling of specially crafted UPX-compressed files, Microsoft Office files, and ASPack-compressed files.
Affected
F-Prot Antivirus for Windows prior to 6.0.9.0 on Windows (All).
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-3244 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Django Forms Library Algorithmic Complexity Vulnerability
- F-PROT AV 'ELF' Header Denial of Service Vulnerability
- ClamAV LZH File Unpacking Denial of Service Vulnerability (Win)
- Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)
- Apache APR-Utils Multiple Denial of Service Vulnerabilities