Vulnerability Details : CVE-2007-2967

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.

Vulnerability category: Input validationDenial of service

Published 2007-05-31 23:30:00

Updated 2018-10-16 16:46:49

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2007-2967

Probability of exploitation activity in the next 30 days: 6.16%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-2967

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2007-2967

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: [email protected] (Primary)

References for CVE-2007-2967

Products affected by CVE-2007-2967

F-secure » Internet Gatekeeper » Linux Edition
Versions up to, including, (<=) 2.16
cpe:2.3:a:f-secure:internet_gatekeeper:*:*:linux:*:*:*:*:*
Matching versions
F-secure » Internet Gatekeeper
Versions up to, including, (<=) 6.60
cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Ms Exchange Edition
Versions up to, including, (<=) 6.40
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Mimesweeper Edition
Versions up to, including, (<=) 5.61
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Linux Gateways Edition
Versions up to, including, (<=) 4.65
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Workstations Edition
Versions up to, including, (<=) 5.44
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Citrix Servers Edition
Versions up to, including, (<=) 5.52
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:citrix_servers:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Linux Servers Edition
Versions up to, including, (<=) 4.65
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_servers:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Windows Servers Edition
Versions up to, including, (<=) 5.42
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Version: 2005
cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Version: 2006
cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Version: 2007
cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Internet Security » Version: 2005
cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Internet Security » Version: 2006
cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Internet Security » Version: 2007
cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus Client Security
Versions up to, including, (<=) 6.03
cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus Linux Client Security
Versions up to, including, (<=) 5.30
cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus Linux Server Security
Versions up to, including, (<=) 5.30
cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Protection Service » Consumers Edition
Versions up to, including, (<=) 6.40
cpe:2.3:a:f-secure:f-secure_protection_service:*:*:consumers:*:*:*:*:*
Matching versions