CVE-2022-28882

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:f-secure:atlant:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:cloud_protection_for_salesforce:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:elements_collaboration_protection:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:x86:*
cpe:2.3:a:f-secure:linux_security_64:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:58

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 4.3
References () https://www.withsecure.com/en/support/security-advisories - Vendor Advisory () https://www.withsecure.com/en/support/security-advisories - Vendor Advisory

Information

Published : 2022-08-23 16:15

Updated : 2024-11-21 06:58


NVD link : CVE-2022-28882

Mitre link : CVE-2022-28882

CVE.ORG link : CVE-2022-28882


JSON object : View

Products Affected

f-secure

  • atlant
  • internet_gatekeeper
  • linux_security
  • elements_endpoint_protection
  • cloud_protection_for_salesforce
  • elements_collaboration_protection
  • linux_security_64

apple

  • macos

microsoft

  • windows
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')