CVE-2021-40836

Denial-of-Service (DoS) Vulnerability 

More information

A vulnerability affecting WithSecure™ antivirus engine was discovered whereby scanning MS outlook pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

This issue was reported to WithSecure™ through the Vulnerability Reward Program. No known exploit or attack has been seen in the wild.

Contributors

WithSecure Corporation would like to thank following person for bringing this issue to our attention.

faty420

Twitter

    Description

  • Crash while scanning Microsoft Outlook ".pst" files can cause Denial-of-Service of Antivirus engine.
  • Status

  • Fixed
  • Risk level

  • Medium
  • Fix

  • No User action is required. The required fix has been published through automatic update channel with Capricorn update 2021-12-13_07
  • Affected products

  • All WithSecure™ Endpoint Protection products on Windows and Mac WithSecure™ Linux Security (32-bit) WithSecure™ Linux Security 64 WithSecure™ Atlant WithSecure™ Internet Gatekeeper
  • Platforms

  • Affected platforms all supported platforms for the affected products
  • Date issued

  • 22/12/2021
  • Security advisories
  • 2021
  • Medium