CVE-2013-4602 - OpenCVE

A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Avira	Antivir Mailgate Antivir Mailgate Suite Antivir Personal Antivir Sharepoint Antivir Webgate Antivir Webgate Suite Antivirus Server Exchange Security Professional Security Savapi

Configuration 1 [-]

OR	cpe:2.3:a:avira:antivir_mailgate::::::::
	cpe:2.3:a:avira:antivir_mailgate_suite::::::::
	cpe:2.3:a:avira:antivir_personal::::::::
	cpe:2.3:a:avira:antivir_sharepoint::::::::
	cpe:2.3:a:avira:antivir_webgate::::::::
	cpe:2.3:a:avira:antivir_webgate_suite::::::::
	cpe:2.3:a:avira:antivirus_server::::::::
	cpe:2.3:a:avira:exchange_security::::::::
	cpe:2.3:a:avira:professional_security::::::::
	cpe:2.3:a:avira:savapi::::::::

No data.

References

Link	Providers
http://www.securityfocus.com/bid/60552
http://www.securitytracker.com/id/1028666
https://exchange.xforce.ibmcloud.com/vulnerabilities/85099
https://packetstormsecurity.com/files/122024/Avira-AntiVir-Engine-Denial-Of-Service-Filter-Evasion.html
https://vuldb.com/?id.9151

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-02-12T21:17:19

Updated: 2024-08-06T16:52:26.349Z

Reserved: 2013-06-12T00:00:00

Link: CVE-2013-4602

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-02-12T22:15:12.550

Modified: 2020-02-18T19:10:07.460

Link: CVE-2013-4602

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-06-05T00:00:00", "descriptions": [{"lang": "en", "value": "A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-12T21:17:19", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.securityfocus.com/bid/60552"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securitytracker.com/id/1028666"}, {"tags": ["x_refsource_MISC"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85099"}, {"tags": ["x_refsource_MISC"], "url": "https://vuldb.com/?id.9151"}, {"tags": ["x_refsource_MISC"], "url": "https://packetstormsecurity.com/files/122024/Avira-AntiVir-Engine-Denial-Of-Service-Filter-Evasion.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-4602", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.securityfocus.com/bid/60552", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/60552"}, {"name": "http://www.securitytracker.com/id/1028666", "refsource": "MISC", "url": "http://www.securitytracker.com/id/1028666"}, {"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85099", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85099"}, {"name": "https://vuldb.com/?id.9151", "refsource": "MISC", "url": "https://vuldb.com/?id.9151"}, {"name": "https://packetstormsecurity.com/files/122024/Avira-AntiVir-Engine-Denial-Of-Service-Filter-Evasion.html", "refsource": "MISC", "url": "https://packetstormsecurity.com/files/122024/Avira-AntiVir-Engine-Denial-Of-Service-Filter-Evasion.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:52:26.349Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securityfocus.com/bid/60552"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securitytracker.com/id/1028666"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85099"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://vuldb.com/?id.9151"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://packetstormsecurity.com/files/122024/Avira-AntiVir-Engine-Denial-Of-Service-Filter-Evasion.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-4602", "datePublished": "2020-02-12T21:17:19", "dateReserved": "2013-06-12T00:00:00", "dateUpdated": "2024-08-06T16:52:26.349Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avira:antivir_mailgate:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B1B2ACA-E86D-486B-90CC-AFAEA1984953", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:antivir_mailgate_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F1B54AF-0981-49FE-9DE4-BB9D37B16900", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:antivir_personal:*:*:*:*:*:*:*:*", "matchCriteriaId": "8BDC1E0B-5D6F-407F-88CA-2E1521A7B3F2", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:antivir_sharepoint:*:*:*:*:*:*:*:*", "matchCriteriaId": "0344C9ED-261F-4E19-8645-28422B4DC9F7", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:antivir_webgate:*:*:*:*:*:*:*:*", "matchCriteriaId": "5715AE53-CD49-40AD-A765-889C9768CD83", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:antivir_webgate_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "DB6F056D-B117-465E-9C77-2655F83DC32E", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:antivirus_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "2495B204-480F-4C0D-8A43-955D17A94590", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:exchange_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "0B60B790-6B4B-431E-BD1A-1CAE80DCDF5C", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:professional_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D2869FB-4930-4B47-8169-A7DD9A7FC488", "versionEndExcluding": "8.2.12.58", "vulnerable": true}, {"criteria": "cpe:2.3:a:avira:savapi:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1E6C9D3-2F10-4142-B736-B4F47FAD9FE2", "versionEndExcluding": "8.2.12.58", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de denegaci\u00f3n de servicio (bucle infinito) en Avira AntiVir Engine versiones anteriores a 8.2.12.58, por medio de una funci\u00f3n no especificada en el PDF Scanner Engine."}], "id": "CVE-2013-4602", "lastModified": "2020-02-18T19:10:07.460", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-12T22:15:12.550", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/60552"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1028666"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85099"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://packetstormsecurity.com/files/122024/Avira-AntiVir-Engine-Denial-Of-Service-Filter-Evasion.html"}, {"source": "cve@mitre.org", "tags": ["Permissions Required", "Third Party Advisory"], "url": "https://vuldb.com/?id.9151"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}