CVE-2007-0125

Currently unrated

Key Information:

Vendor: kaspersky
Status: Kaspersky Antivirus Engine
Vendor: CVE Published:; 9 January 2007

Summary

Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a portable executable (PE) file, which allows remote attackers to cause a denial of service (CPU consumption) by scanning a crafted PE file.

References

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

https://exchange.xforce.ibmcloud.com/vulnerabilities/31315

vdb-entryx_refsource_XF

http://secunia.com/advisories/23575

third-party-advisoryx_refsource_SECUNIA

EPSS Score

4% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 9, 2007
Vulnerability Reserved
Jan 8, 2007