Denial of Service Flaw in Avira Antivir Antivirus Affects File Parsing
CVE-2007-2972

Currently unrated

Key Information:

Vendor: Avira
Status: Av Pack; Antivir
Vendor: CVE Published:; 1 June 2007

What is CVE-2007-2972?

A vulnerability in the file parsing engine of Avira Antivir Antivirus versions prior to 7.04.00.24 allows remote attackers to exploit a crafted UPX compressed file. This exploitation can lead to a denial of service condition by triggering a divide-by-zero error, resulting in an application crash. Users are encouraged to update their software to mitigate this issue.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34556

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/24187

vdb-entryx_refsource_BID

http://forum.antivir-pe.de/thread.php?threadid=22528

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 1, 2007
Vulnerability Reserved
May 31, 2007