← Back

CVE-2023-42524

nvd nist
Published: Sep 18, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Affected (7)

Withsecure
7 products
Email And Server Security
Server Security
Client Security
Elements Endpoint Protection
Linux Protection
Linux Security 64
Atlant
Configuration A
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Email And Server Security
Version 15
Server Security
Version 15
Running on/withPlatform Versions
Microsoft
Windows
All versions
Configuration B
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Client Security
Version 15
Elements Endpoint Protection
From 17
Running on/withPlatform Versions
Apple
Macos
All versions
Configuration C
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Linux Protection
Version 12.0
Linux Security 64
Version 12.0
Running on/withPlatform Versions
Linux
Linux Kernel
All versions
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Atlant
Version 1.0.35-1

Related CWEs

CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

References (2)

Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.