Vigil@nce: F-PROT, denial of service via zip
August 2008 by Vigil@nce
SYNTHESIS
An attacker can send a corrupted zip file to a victim, this will
generate a denial of service.
Gravity: 1/4
Consequences: denial of service of client
Provenance: document
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 31/07/2008
Identifier: VIGILANCE-VUL-7981
IMPACTED PRODUCTS
– F-PROT Antivirus
DESCRIPTION
The F-PROT antivirus checks every files on the computer of the
victim.
An attacker can send a corrupted zip file, this last will generate
an infinite loop in F-PROT.
An attacker can therefore generate a denial of service.
CHARACTERISTICS
Identifiers: VIGILANCE-VUL-7981