F-PROT Antivirus Multiple Vulnerabilities Network Vulnerability

Summary

The remote host is installed with F-PROT Antivirus, which is prone multiple denial of service vulnerabilities.

Impact

Remote attackers can easily crash the engine/service via specially crafted files. Impact Level : Application.

Solution

Upgrade to latest F-PROT Antivirus or later. http://www.f-prot.com/download/

Insight

The issues are due to, - input validation error while processing the nb_dir field of CHM file's header. - improper handling of specially crafted UPX-compressed files, Microsoft Office files, and ASPack-compressed files.

Affected

F-Prot Antivirus for Windows prior to 6.0.9.0 on Windows (All).

References

http://www.f-prot.com/download/ReleaseNotesWindows.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3244

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)
Adobe Flash Media Server Remote Denial of Service Vulnerability (August-2011)
Firefox Browser Libxul Memory Leak Remote DoS Vulnerability - Win
Compaq Web SSI DoS
Avahi Denial of Service Vulnerability

Take action and discover your vulnerabilities