{"api_version":"1","generated_at":"2026-04-21T17:39:00+00:00","cve":"CVE-2007-1669","urls":{"html":"https://cve.report/CVE-2007-1669","api":"https://cve.report/api/cve/CVE-2007-1669.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2007-1669","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2007-1669"},"summary":{"title":"CVE-2007-1669","description":"zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2007-05-09 00:19:00","updated_at":"2018-10-16 16:40:00"},"problem_types":["NVD-CWE-Other"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/23823","name":"23823","refsource":"BID","tags":["Exploit"],"title":"Multiple Vendors Zoo Compression Algorithm Remote Denial of Service Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.amavis.org/security/asa-2007-2.txt","name":"http://www.amavis.org/security/asa-2007-2.txt","refsource":"CONFIRM","tags":[],"title":"404 Not Found","mime":"text/plain","httpstatus":"404","archivestatus":"200"},{"url":"http://securityreason.com/securityalert/2680","name":"2680","refsource":"SREASON","tags":[],"title":"Multiple vendors ZOO file decompression infinite loop DoS - CXSecurity.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/archive/1/467646/100/0/threaded","name":"20070504 Multiple vendors ZOO file decompression infinite loop DoS","refsource":"BUGTRAQ","tags":[],"title":"SecurityFocus","mime":"text/x-c","httpstatus":"-1","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2007/1699","name":"ADV-2007-1699","refsource":"VUPEN","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.attrition.org/pipermail/vim/2007-July/001725.html","name":"20070724 zoo - amavis - barracuda cross-ref problems","refsource":"VIM","tags":[],"title":"[VIM] zoo - amavis - barracuda cross-ref problems","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25122","name":"25122","refsource":"SECUNIA","tags":["Patch","Vendor Advisory"],"title":"Barracuda Spam Firewall Zoo Denial of Service Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.osvdb.org/35795","name":"35795","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34080","name":"multiple-vendor-zoo-dos(34080)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/25315","name":"25315","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Amavis Zoo Denial of Service Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2007-1669","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-1669","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2007","cve_id":"1669","vulnerable":"1","versionEndIncluding":"2.4.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"amavis","cpe5":"amavis","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.1.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.1.18","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.0.54","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.01.001","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.03.053","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.03.055","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.15.026","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.1.17","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.1.18","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.0.54","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.01.001","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.03.053","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.03.055","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.15.026","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.3.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2007","cve_id":"1669","vulnerable":"0","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"barracuda_networks","cpe5":"barracuda_spam_firewall","cpe6":"3.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2007-1669","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.amavis.org/security/asa-2007-2.txt","refsource":"CONFIRM","url":"http://www.amavis.org/security/asa-2007-2.txt"},{"name":"multiple-vendor-zoo-dos(34080)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34080"},{"name":"ADV-2007-1699","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2007/1699"},{"name":"23823","refsource":"BID","url":"http://www.securityfocus.com/bid/23823"},{"name":"20070724 zoo - amavis - barracuda cross-ref problems","refsource":"VIM","url":"http://www.attrition.org/pipermail/vim/2007-July/001725.html"},{"name":"25315","refsource":"SECUNIA","url":"http://secunia.com/advisories/25315"},{"name":"20070504 Multiple vendors ZOO file decompression infinite loop DoS","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/467646/100/0/threaded"},{"name":"25122","refsource":"SECUNIA","url":"http://secunia.com/advisories/25122"},{"name":"2680","refsource":"SREASON","url":"http://securityreason.com/securityalert/2680"},{"name":"35795","refsource":"OSVDB","url":"http://www.osvdb.org/35795"}]}},"nvd":{"publishedDate":"2007-05-09 00:19:00","lastModifiedDate":"2018-10-16 16:40:00","problem_types":["NVD-CWE-Other"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE","baseScore":7.8},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.17:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.1.18:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.0.54:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.01.001:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.053:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.03.055:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.3.15.026:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:3.4:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*","versionEndIncluding":"2.4.1","cpe_name":[]}]}],"cpe_match":[]}]}},"legacy_mitre":{"record":{"CveYear":"2007","CveId":"1669","Ordinal":"24248","Title":"CVE-2007-1669","CVE":"CVE-2007-1669","Year":"2007"},"notes":[{"CveYear":"2007","CveId":"1669","Ordinal":"1","NoteData":"zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.","Type":"Description","Title":null},{"CveYear":"2007","CveId":"1669","Ordinal":"2","NoteData":"2007-05-08","Type":"Other","Title":"Published"},{"CveYear":"2007","CveId":"1669","Ordinal":"3","NoteData":"2018-10-16","Type":"Other","Title":"Modified"}]}}}