Bitdefender Engines Vulnerability in iso.xmd Parser
CVE-2018-18058
5.3MEDIUM
What is CVE-2018-18058?
A vulnerability exists in Bitdefender Engines prior to version 7.76662 due to insufficient validation of user-supplied data in the iso.xmd parser. This flaw can lead to a division-by-zero error, which, especially when combined with other vulnerabilities, may allow attackers to cause a denial-of-service condition. To exploit this vulnerability, user interaction is necessary, meaning the user must either visit a malicious webpage or open a compromised file.
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved