← Back

CVE-2023-42526

nvd nist
Published: Sep 18, 2023Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

Affected (7)

Withsecure
7 products
Email And Server Security
Server Security
Client Security
Elements Endpoint Protection
Linux Protection
Linux Security 64
Atlant
Configuration A
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Email And Server Security
Version 15
Server Security
Version 15
Running on/withPlatform Versions
Microsoft
Windows
All versions
Configuration B
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Client Security
Version 15
Elements Endpoint Protection
From 17
Running on/withPlatform Versions
Apple
Macos
All versions
Configuration C
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Linux Protection
Version 12.0
Linux Security 64
Version 12.0
Running on/withPlatform Versions
Linux
Linux Kernel
All versions
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Atlant
Version 1.0.35-1

Related CWEs

CWE-400
Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.