Vulnerability Description
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Barracuda Networks | Barracuda Spam Firewall | 3.1.17 |
| Amavis | Amavis | <= 2.4.1 |
References
- http://secunia.com/advisories/25122PatchVendor Advisory
- http://secunia.com/advisories/25315Vendor Advisory
- http://securityreason.com/securityalert/2680
- http://www.amavis.org/security/asa-2007-2.txt
- http://www.attrition.org/pipermail/vim/2007-July/001725.html
- http://www.osvdb.org/35795
- http://www.securityfocus.com/archive/1/467646/100/0/threaded
- http://www.securityfocus.com/bid/23823Exploit
- http://www.vupen.com/english/advisories/2007/1699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34080
- http://secunia.com/advisories/25122PatchVendor Advisory
- http://secunia.com/advisories/25315Vendor Advisory
- http://securityreason.com/securityalert/2680
- http://www.amavis.org/security/asa-2007-2.txt
- http://www.attrition.org/pipermail/vim/2007-July/001725.html
FAQ
What is CVE-2007-1669?
CVE-2007-1669 is a vulnerability with a CVSS score of 7.8 (HIGH). zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before ...
How severe is CVE-2007-1669?
CVE-2007-1669 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1669?
Check the references section above for vendor advisories and patch information. Affected products include: Barracuda Networks Barracuda Spam Firewall, Amavis Amavis.