Kaspersky Antivirus UPX Denial Of Service Vulnerability Network Vulnerability

Summary

Kaspersky AntiVirus Engine 6.0.1.411 for Windows allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression.

Solution

Update to a newer version (automatic update will do).

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1281

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-1281

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Linux)
Apple QuickTime Multiple Denial of Service Vulnerabilities - (Windows)
Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Win)
Freeciv Multiple Remote Denial Of Service Vulnerabilities
Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability

Kaspersky Antivirus UPX Denial of Service vulnerability

Take action and discover your vulnerabilities