A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
References
Link | Resource |
---|---|
https://www.withsecure.com/en/support/security-advisories | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
25 Aug 2022, 14:08
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-835 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://www.withsecure.com/en/support/security-advisories - Vendor Advisory | |
First Time |
F-secure linux Security
F-secure elements Collaboration Protection F-secure F-secure internet Gatekeeper F-secure elements Endpoint Protection F-secure atlant Apple F-secure linux Security 64 Apple macos Microsoft Microsoft windows F-secure cloud Protection For Salesforce |
|
CPE | cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:* cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:* cpe:2.3:a:f-secure:cloud_protection_for_salesforce:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:f-secure:linux_security_64:*:*:*:*:*:*:*:* cpe:2.3:a:f-secure:atlant:*:*:*:*:*:*:*:* cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:* cpe:2.3:a:f-secure:elements_collaboration_protection:*:*:*:*:*:*:*:* cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:x86:* |
23 Aug 2022, 17:04
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-23 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-28882
Mitre link : CVE-2022-28882
CVE.ORG link : CVE-2022-28882
JSON object : View
Products Affected
f-secure
- elements_endpoint_protection
- linux_security_64
- atlant
- cloud_protection_for_salesforce
- internet_gatekeeper
- elements_collaboration_protection
- linux_security
apple
- macos
microsoft
- windows
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')