CVE-2022-28882

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:f-secure:elements_endpoint_protection:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:f-secure:atlant:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:cloud_protection_for_salesforce:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:elements_collaboration_protection:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:x86:*
cpe:2.3:a:f-secure:linux_security_64:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-23 16:15

Updated : 2024-02-28 19:29


NVD link : CVE-2022-28882

Mitre link : CVE-2022-28882

CVE.ORG link : CVE-2022-28882


JSON object : View

Products Affected

f-secure

  • elements_collaboration_protection
  • elements_endpoint_protection
  • linux_security_64
  • linux_security
  • cloud_protection_for_salesforce
  • atlant
  • internet_gatekeeper

microsoft

  • windows

apple

  • macos
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')