Lucene search

MitreCVE-2007-3971

HistoryJul 25, 2007 - 5:30 p.m.

CVE-2007-3971

2007-07-2517:30:00

mitre

web.nvd.nist.gov

cve-2007-3971

eset nod32 antivirus

integer overflow

denial of service

remote attackers

cpu consumption

disk consumption

aspack packed file

infinite loop

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.057

Percentile

93.5%

JSON

Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loop.

Affected configurations

Nvd

Node

eset_softwarenod32_antivirusRange≤2.2289

VendorProductVersionCPE
eset_softwarenod32_antivirus*cpe:2.3:a:eset_software:nod32_antivirus:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
eset_software	nod32_antivirus	*	cpe:2.3:a:eset_software:nod32_antivirus::::::::

References

osvdb.org/37977

secunia.com/advisories/26124

securityreason.com/securityalert/2923

www.eset.com/joomla/index.php?option=com_content&task=view&id=3469&Itemid=26

www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.pdf

www.nruns.com/%5Bn.runs-SA-2007.017%5D%20-%20NOD32%20Antivirus%20ASPACK%20parsing%20Infinite%20Loop%20Advisory.txt

www.securityfocus.com/archive/1/474245/100/0/threaded

www.securityfocus.com/bid/24988

www.securitytracker.com/id?1018436

www.vupen.com/english/advisories/2007/2602

exchange.xforce.ibmcloud.com/vulnerabilities/35525

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

High

EPSS

0.057

Percentile

93.5%

JSON

Related for CVE-2007-3971