Integer Overflow Vulnerability in ESET NOD32 Antivirus
CVE-2007-3971

Currently unrated

Key Information:

Vendor: Eset Software
Status: Nod32 Antivirus
Vendor: CVE Published:; 25 July 2007

🔔 Create Eset Software Vulnerability Alert

What is CVE-2007-3971?

ESET NOD32 Antivirus prior to version 2.2289 suffers from an integer overflow vulnerability that can be exploited by remote attackers. This flaw occurs when processing specially crafted ASPACK packed files, leading to excessive CPU and disk consumption. An attacker can trigger this vulnerability, causing the application to enter an infinite loop, ultimately resulting in a denial of service. Organizations using affected versions of ESET NOD32 Antivirus are advised to update their systems promptly to mitigate the risk associated with this vulnerability.

References

http://securityreason.com/securityalert/2923

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/474245/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/26124

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2007
Vulnerability Reserved
Jul 25, 2007

JSON