Описание
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.2 (включая)
Одно из
cpe:2.3:a:f-prot:f-prot_antivirus:3.11b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12c:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.12d:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.13:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.13a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14c:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14d:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.14e:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.15:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.15a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.15b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16a:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16b:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16c:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16d:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16e:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:3.16f:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:4.6.6:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.5:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6.1:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6.3:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.6.4:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:f-prot_antivirus:6.0.8:*:*:*:*:*:*:*
cpe:2.3:a:f-prot:scanning_engine:*:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01225
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
github
почти 4 года назад
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read.
EPSS
Процентиль: 79%
0.01225
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-20