CVE-2022-28882
Summary
| CVE | CVE-2022-28882 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-08-23 16:15:00 UTC |
| Updated | 2022-08-25 14:08:00 UTC |
| Description | A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker. |
Risk And Classification
Problem Types: CWE-835
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Macos | - | All | All | All |
| Application | F-secure | Atlant | All | All | All | All |
| Application | F-secure | Cloud Protection For Salesforce | All | All | All | All |
| Application | F-secure | Elements Collaboration Protection | All | All | All | All |
| Application | F-secure | Elements Endpoint Protection | All | All | All | All |
| Application | F-secure | Internet Gatekeeper | All | All | All | All |
| Application | F-secure | Linux Security | All | All | All | All |
| Application | F-secure | Linux Security 64 | All | All | All | All |
| Operating System | Microsoft | Windows | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security advisories | WithSecure™ | MISC | www.withsecure.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
LEGACY: WithSecure & F-Secure would like to thank faty420 https://twitter.com/faty420 for bringing this issue to our attention
There are currently no legacy QID mappings associated with this CVE.