Kaspersky AntiVirus Engine 6.0.1.411 for Windows allows remote attackers to cause a denial of service (CPU consumption) via a crafted UPX compressed file with a negative offset, which triggers an infinite loop during decompression.

Update to a newer version (automatic update will do).

• http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1281

---

Updated on 2015-03-25