Vulnerability Details : CVE-2007-3971
Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.
Vulnerability category: OverflowDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2007-3971
Probability of exploitation activity in the next 30 days: 3.08%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 90 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-3971
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
[email protected] |
References for CVE-2007-3971
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/35525
-
http://securityreason.com/securityalert/2923
- http://www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26
-
http://www.securitytracker.com/id?1018436
-
http://www.securityfocus.com/bid/24988
Exploit
- http://www.vupen.com/english/advisories/2007/2602
-
http://www.securityfocus.com/archive/1/474245/100/0/threaded
Products affected by CVE-2007-3971
- cpe:2.3:a:eset_software:nod32_antivirus:*:*:*:*:*:*:*:*