F-PROT Antivirus Multiple Vulnerabilities Network Vulnerability

Summary

The remote host is installed with F-PROT Antivirus, which is prone multiple denial of service vulnerabilities.

Impact

Remote attackers can easily crash the engine/service via specially crafted files. Impact Level : Application.

Solution

Upgrade to latest F-PROT Antivirus or later. http://www.f-prot.com/download/

Insight

The issues are due to, - input validation error while processing the nb_dir field of CHM file's header. - improper handling of specially crafted UPX-compressed files, Microsoft Office files, and ASPack-compressed files.

Affected

F-Prot Antivirus for Windows prior to 6.0.9.0 on Windows (All).

References

http://www.f-prot.com/download/ReleaseNotesWindows.txt

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-3244
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Asterisk T.38 Negotiation Remote Denial Of Service Vulnerability
Comodo Internet Security Denial of Service Vulnerability-01
CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
FreeType Memory Corruption and Buffer Overflow Vulnerabilities (Windows)
Apple Safari Denial Of Service Vulnerability - Jul09

Take action and discover your vulnerabilities