Описание
Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a portable executable (PE) file, which allows remote attackers to cause a denial of service (CPU consumption) by scanning a crafted PE file.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:kaspersky_lab:kaspersky_antivirus_engine:5.5.10:*:linux:*:*:*:*:*
cpe:2.3:a:kaspersky_lab:kaspersky_antivirus_engine:6.0:*:windows:*:*:*:*:*
EPSS
Процентиль: 82%
0.01664
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Kaspersky Labs Antivirus Engine 6.0 for Windows and 5.5-10 for Linux before 20070102 enter an infinite loop upon encountering an invalid NumberOfRvaAndSizes value in the Optional Windows Header of a portable executable (PE) file, which allows remote attackers to cause a denial of service (CPU consumption) by scanning a crafted PE file.
EPSS
Процентиль: 82%
0.01664
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other