Denial of Service Vulnerability in Avira AntiVir Product
CVE-2007-1671

Currently unrated

Key Information:

Vendor: Avira
Status: Antivir Personal
Vendor: CVE Published:; 9 May 2007

What is CVE-2007-1671?

Avira AntiVir, specifically the avpack32.dll component before version 7.3.0.6, is susceptible to a denial of service vulnerability. This flaw allows remote attackers to trigger an infinite loop by utilizing a ZOO archive that contains a specific direntry structure pointing to a previous file. Exploiting this vulnerability can lead to significant disruptions in service, rendering the software unresponsive.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34080

vdb-entryx_refsource_XF

http://secunia.com/advisories/25140

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/35911

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
May 9, 2007
Vulnerability Reserved
Mar 24, 2007