Vulnerability Name:

CVE-2007-2967 (CCN-34581)

Assigned:2007-05-22
Published:2007-05-22
Updated:2018-10-16
Summary:Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: Full-Disclosure Mailing List, Mon Jun 04 2007 - 11:52:21 CDT
n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory

Source: CCN
Type: Full-Disclosure Mailing List, Mon Jun 04 2007 - 11:55:52 CDT
n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory

Source: MITRE
Type: CNA
CVE-2007-2967

Source: FULLDISC
Type: UNKNOWN
20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory

Source: FULLDISC
Type: UNKNOWN
20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory

Source: OSVDB
Type: UNKNOWN
36725

Source: OSVDB
Type: UNKNOWN
36726

Source: CCN
Type: SA25440
F-Secure Packed Executable and Archive Scanning Denial of Service

Source: SECUNIA
Type: Vendor Advisory
25440

Source: CCN
Type: SECTRACK ID: 1018146
F-Secure Internet Security Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges

Source: CCN
Type: SECTRACK ID: 1018147
F-Secure Internet Gatekeeper Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1018147

Source: CCN
Type: SECTRACK ID: 1018148
F-Secure Anti-Virus Lets Remote Users Execute Arbitrary Code and Local Users Gain Elevated Privileges

Source: CCN
Type: F-Secure Security Bulletin FSC-2007-3
Vulnerabilities in scanning of specially crafted archives and certain packed executables

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.f-secure.com/security/fsc-2007-3.shtml

Source: MISC
Type: UNKNOWN
http://www.nruns.com/security_advisory_fsecure_arj.php

Source: MISC
Type: UNKNOWN
http://www.nruns.com/security_advisory_fsecure_fsg.php

Source: CCN
Type: OSVDB ID: 36725
F-Secure Anti-Virus ARJ File Handling DoS

Source: CCN
Type: OSVDB ID: 36726
F-Secure Anti-Virus FSG File Handling DoS

Source: BUGTRAQ
Type: UNKNOWN
20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory

Source: BUGTRAQ
Type: UNKNOWN
20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory

Source: CCN
Type: BID-24234
Multiple F-Secure Products Packed Executables and Archives Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1018146

Source: SECTRACK
Type: UNKNOWN
1018148

Source: VUPEN
Type: Vendor Advisory
ADV-2007-1985

Source: XF
Type: UNKNOWN
fsecure-archive-dos(34581)

Source: XF
Type: UNKNOWN
fsecure-unspecified-archive-dos(34581)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:* (Version <= 4.65)
  • OR cpe:/a:f-secure:f-secure_anti-virus:*:*:linux_servers:*:*:*:*:* (Version <= 4.65)
  • OR cpe:/a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:* (Version <= 5.42)
  • OR cpe:/a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:* (Version <= 5.44)
  • OR cpe:/a:f-secure:f-secure_anti-virus:*:*:citrix_servers:*:*:*:*:* (Version <= 5.52)
  • OR cpe:/a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:* (Version <= 5.61)
  • OR cpe:/a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:* (Version <= 6.40)
  • OR cpe:/a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:* (Version <= 6.03)
  • OR cpe:/a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:* (Version <= 5.30)
  • OR cpe:/a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:* (Version <= 5.30)
  • OR cpe:/a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_protection_service:*:*:consumers:*:*:*:*:* (Version <= 6.40)
  • OR cpe:/a:f-secure:internet_gatekeeper:*:*:linux:*:*:*:*:* (Version <= 2.16)
  • OR cpe:/a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:* (Version <= 6.60)

    • Configuration CCN 1:
  • cpe:/a:f-secure:f-secure_anti-virus:5.52::citrix_servers:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:6.60:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:2.16:-:linux:*:*:*:*:*
  • OR cpe:/a:f-secure:f-secure_anti-virus:7.00::ms_exchange:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    f-secure f-secure anti-virus *
    f-secure f-secure anti-virus *
    f-secure f-secure anti-virus *
    f-secure f-secure anti-virus *
    f-secure f-secure anti-virus *
    f-secure f-secure anti-virus *
    f-secure f-secure anti-virus *
    f-secure f-secure anti-virus 2005
    f-secure f-secure anti-virus 2006
    f-secure f-secure anti-virus 2007
    f-secure f-secure anti-virus client security *
    f-secure f-secure anti-virus linux client security *
    f-secure f-secure anti-virus linux server security *
    f-secure f-secure internet security 2005
    f-secure f-secure internet security 2006
    f-secure f-secure internet security 2007
    f-secure f-secure protection service *
    f-secure internet gatekeeper *
    f-secure internet gatekeeper *
    f-secure f-secure anti-virus 5.52
    f-secure internet gatekeeper 6.60
    f-secure internet gatekeeper 2.16 -
    f-secure f-secure anti-virus 7.00