Sign-up

ID

VAR-200707-0291


CVE

CVE-2007-3906


TITLE

Kaspersky Anti-Virus 5.5 for Check Point Firewall-1 Denial of Service Vulnerability

Trust: 0.9

sources: BID: 24932 // CNNVD: CNNVD-200707-372

DESCRIPTION

Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow attackers to cause a denial of service (kernel hang) via unspecified vectors. NOTE: it is not clear whether there is an attacker role. Kaspersky Anti-Virus 5.5 for Check Point Firewall-1 is prone to a denial-of-service vulnerability. Further details are currently unavailable. This issue affects Kaspersky Anti-Virus 5.5 for Check Point Firewall-1. ---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/ The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. SOLUTION: Apply Critical Fix-1 (Build 5.5.161.0). http://www.kaspersky.com/productupdates?chapter=146274607 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://support.kaspersky.com/checkpoint?qid=208279464 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2007-3906 // JVNDB: JVNDB-2007-004149 // BID: 24932 // VULHUB: VHN-27268 // PACKETSTORM: 57792

AFFECTED PRODUCTS

vendor:kaspersky labmodel:anti-virus 5.5 for check point firewall-scope:lteversion:5.5.145.0

Trust: 1.0

vendor:kasperskymodel:anti-virus 5.5 for check point firewall-scope:ltversion:critical fix 1 (5.5.161.0) 1

Trust: 0.8

vendor:kaspersky labmodel:anti-virus 5.5 for check point firewall-scope:eqversion:5.5.145.0

Trust: 0.6

vendor:kasperskymodel:anti-virus for check point firewall-1scope:eqversion:5.5

Trust: 0.3

vendor:kasperskymodel:anti-virus for check point firewall-1 5.5.buildscope:neversion:5.55.5.161.0

Trust: 0.3

sources: BID: 24932 // JVNDB: JVNDB-2007-004149 // CNNVD: CNNVD-200707-372 // NVD: CVE-2007-3906

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-3906
value: MEDIUM

Trust: 1.0

NVD: CVE-2007-3906
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200707-372
value: MEDIUM

Trust: 0.6

VULHUB: VHN-27268
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2007-3906
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-27268
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-27268 // JVNDB: JVNDB-2007-004149 // CNNVD: CNNVD-200707-372 // NVD: CVE-2007-3906

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-3906

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200707-372

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200707-372

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-004149

PATCH
title:208279464url:http://support.kaspersky.com/checkpoint?qid=208279464
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-004149

EXTERNAL IDS
db:NVDid:CVE-2007-3906
Trust: 2.8
db:BIDid:24932
Trust: 2.0
db:SECUNIAid:26064
Trust: 1.8
db:VUPENid:ADV-2007-2561
Trust: 1.7
db:OSVDBid:36127
Trust: 1.7
db:JVNDBid:JVNDB-2007-004149
Trust: 0.8
db:CNNVDid:CNNVD-200707-372
Trust: 0.7
db:XFid:35454
Trust: 0.6
db:VULHUBid:VHN-27268
Trust: 0.1
db:PACKETSTORMid:57792
Trust: 0.1
sources:
            
            
            VULHUB: VHN-27268 // 
            
            
            
            BID: 24932 // 
            
            
            
            JVNDB: JVNDB-2007-004149 // 
            
            
            
            PACKETSTORM: 57792 // 
            
            
            
            CNNVD: CNNVD-200707-372 // 
            
            
            
            NVD: CVE-2007-3906

REFERENCES
url:http://support.kaspersky.com/checkpoint?qid=208279464
Trust: 2.1
url:http://www.securityfocus.com/bid/24932
Trust: 1.7
url:http://osvdb.org/36127
Trust: 1.7
url:http://secunia.com/advisories/26064
Trust: 1.7
url:http://www.vupen.com/english/advisories/2007/2561
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/35454
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3906
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3906
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2007/2561
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/35454
Trust: 0.6
url:http://www.kaspersky.com/
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/network_software_inspector/
Trust: 0.1
url:http://secunia.com/product/14799/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/26064/
Trust: 0.1
url:http://www.kaspersky.com/productupdates?chapter=146274607
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-27268 // 
            
            
            
            BID: 24932 // 
            
            
            
            JVNDB: JVNDB-2007-004149 // 
            
            
            
            PACKETSTORM: 57792 // 
            
            
            
            CNNVD: CNNVD-200707-372 // 
            
            
            
            NVD: CVE-2007-3906

CREDITS
The vendor released information regarding this issue.
Trust: 0.9
sources:
            
            
            BID: 24932 // 
            
            
            
            CNNVD: CNNVD-200707-372

SOURCES
db:VULHUBid:VHN-27268
db:BIDid:24932
db:JVNDBid:JVNDB-2007-004149
db:PACKETSTORMid:57792
db:CNNVDid:CNNVD-200707-372
db:NVDid:CVE-2007-3906

LAST UPDATE DATE
2025-04-10T23:05:35.883000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-27268date:2017-07-29T00:00:00
db:BIDid:24932date:2015-05-07T17:36:00
db:JVNDBid:JVNDB-2007-004149date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200707-372date:2007-07-23T00:00:00
db:NVDid:CVE-2007-3906date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:VULHUBid:VHN-27268date:2007-07-19T00:00:00
db:BIDid:24932date:2007-07-12T00:00:00
db:JVNDBid:JVNDB-2007-004149date:2012-09-25T00:00:00
db:PACKETSTORMid:57792date:2007-07-18T03:40:34
db:CNNVDid:CNNVD-200707-372date:2007-07-19T00:00:00
db:NVDid:CVE-2007-3906date:2007-07-19T17:30:00