Vulnerability CVE-2021-40833
Published: 2021-11-26

Description:
A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

Type:

CWE-404

 (Improper Resource Shutdown or Release)

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
F-secure -> Atlant 
F-secure -> Internet gatekeeper 
F-secure -> Linux security 
F-secure -> Linux security 64 

 References:
https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame
https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40833
Copyright 2024, cxsecurity.com

 

Back to Top