CVE-2007-1669
First published: Wed May 09 2007(Updated: )
zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Barracuda Spam Firewall | =3.1.17 | |
| Barracuda Spam Firewall | =3.1.18 | |
| Barracuda Spam Firewall | =3.3.0.54 | |
| Barracuda Spam Firewall | =3.3.01.001 | |
| Barracuda Spam Firewall | =3.3.3 | |
| Barracuda Spam Firewall | =3.3.03.053 | |
| Barracuda Spam Firewall | =3.3.03.055 | |
| Barracuda Spam Firewall | =3.3.15.026 | |
| Barracuda Spam Firewall | =3.4 | |
| AMaViS | <=2.4.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/23823
- http://secunia.com/advisories/25122
- http://www.amavis.org/security/asa-2007-2.txt
- http://www.attrition.org/pipermail/vim/2007-July/001725.html
- http://www.osvdb.org/35795
- http://secunia.com/advisories/25315
- http://securityreason.com/securityalert/2680
- http://www.vupen.com/english/advisories/2007/1699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34080
- http://www.securityfocus.com/archive/1/467646/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2007-1669?
CVE-2007-1669 has a low severity rating and is primarily associated with denial of service vulnerabilities.
How do I fix CVE-2007-1669?
To fix CVE-2007-1669, upgrade to the latest version of the affected software or apply the available patches.
What products are affected by CVE-2007-1669?
CVE-2007-1669 affects Barracuda Spam Firewall versions before 3.4 and AMaViS versions up to 2.4.1.
Can CVE-2007-1669 be exploited remotely?
Yes, CVE-2007-1669 can be exploited remotely by attackers to induce a denial of service.
What are the symptoms of CVE-2007-1669 exploitation?
The exploitation of CVE-2007-1669 may lead to service outages or degraded performance in the affected applications.
- collector/nvd-historical
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/remedy
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/barracuda networks
- canonical/barracuda spam firewall
- version/barracuda spam firewall/3.1.17
- version/barracuda spam firewall/3.1.18
- version/barracuda spam firewall/3.3.0.54
- version/barracuda spam firewall/3.3.01.001
- version/barracuda spam firewall/3.3.3
- version/barracuda spam firewall/3.3.03.053
- version/barracuda spam firewall/3.3.03.055
- version/barracuda spam firewall/3.3.15.026
- version/barracuda spam firewall/3.4
- vendor/amavis
- canonical/amavis
- version/amavis/2.4.1