Bitdefender Engines Vulnerability in iso.xmd Parser
CVE-2018-18058

5.3MEDIUM

Key Information:

Vendor: Bitdefender
Status: Scan Engines
Vendor: CVE Published:; 24 May 2019

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2018-18058?

A vulnerability exists in Bitdefender Engines prior to version 7.76662 due to insufficient validation of user-supplied data in the iso.xmd parser. This flaw can lead to a division-by-zero error, which, especially when combined with other vulnerabilities, may allow attackers to cause a denial-of-service condition. To exploit this vulnerability, user interaction is necessary, meaning the user must either visit a malicious webpage or open a compromised file.

References

https://www.bitdefender.com/

x_refsource_MISC

https://www.bitdefender.com/support/security-advisories/b...

x_refsource_MISC

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 24, 2019
Vulnerability Reserved
Oct 8, 2018