Description
The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid offsets.
Affected products
- f-prot / f-prot_antivirus6.2.1.4252 – 6.2.1.4252
- f-prot / scanning_engine4.4.4.56 – 4.4.4.56
References
- MAILING_LISThttp://seclists.org/fulldisclosure/2008/Jul/0569.html
- MISChttp://www.securitytracker.com/id?1020612
- EXPLOIThttps://www.exploit-db.com/exploits/6174
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2008/2283
- VENDOR_ADVISORYhttp://secunia.com/advisories/31313
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/44134
- MISChttp://www.securityfocus.com/bid/30461
Updated 50m ago · 2 sources