F-PROT Antivirus CHM File Remote Denial Of Service Vulnerability

Bugtraq ID:	30253
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2008-3244
Remote:	Yes
Local:	No
Published:	Jul 16 2008 12:00AM
Updated:	May 07 2015 05:27PM
Credit:	Sergio Alvarez
Vulnerable:	Frisk Software F-Prot Antivirus Engine 0 Frisk Software F-Prot Antivirus 4.6.7 Frisk Software F-Prot Antivirus 4.6.6 Frisk Software F-Prot Antivirus 3.16f
Not Vulnerable:	Frisk Software F-Prot Antivirus Engine 4.4.4 Frisk Software F-Prot Antivirus 6.0.9 .0

F-PROT Antivirus CHM File Remote Denial Of Service Vulnerability

F-PROT Antivirus is prone to a remote denial-of-service vulnerability because the application fails to properly handle malformed CHM files.

An attacker may exploit this issue to crash the affected application, denying further service to legitimate users.

Versions prior to F-PROT Antivirus engine 4.4.4 are vulnerable. This version of the engine is included in F-PROT Antivirus 6.0.9.0.

F-PROT Antivirus CHM File Remote Denial Of Service Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

F-PROT Antivirus CHM File Remote Denial Of Service Vulnerability

Solution:
The vendor has released Antivirus Engine 4.4.4 to address this issue. Please see the references for more information.

F-PROT Antivirus CHM File Remote Denial Of Service Vulnerability

References:

• F-PROT ANTIVIRUS 6.0.9.0 (Frisk Software)
  
• F-PROT Homepage (F-PROT)