CVE-2007-1669

high

Description

zoo decoder 2.10 (zoo-2.10), as used in multiple products including (1) Barracuda Spam Firewall 3.4 and later with virusdef before 2.0.6399, (2) Spam Firewall before 3.4 20070319 with virusdef before 2.0.6399o, and (3) AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/34080

http://www.vupen.com/english/advisories/2007/1699

http://www.securityfocus.com/archive/1/467646/100/0/threaded

http://www.osvdb.org/35795

http://www.attrition.org/pipermail/vim/2007-July/001725.html

http://www.amavis.org/security/asa-2007-2.txt

http://securityreason.com/securityalert/2680

http://secunia.com/advisories/25315

http://secunia.com/advisories/25122

Details

Source: Mitre, NVD

Published: 2007-05-09

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.15909