Vulnerabilities > CVE-2018-18058 - Divide By Zero vulnerability in Bitdefender Scan Engines

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

high complexity

bitdefender

CWE-369

NVD

Published: 2019-05-24

Updated: 2019-05-29

Summary

An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a division-by-zero circumstance. Paired with other vulnerabilities, this can result in denial-of-service. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Vulnerable Configurations

Part	Description	Count
Application	Bitdefender Bitdefender Scan Engines *	1

Common Weakness Enumeration (CWE)

CWE-369 - Divide By Zero

References

https://www.bitdefender.com/support/security-advisories/bitdefender-iso-xmd-iso-parsing-bounds-read-vulnerability/
https://www.bitdefender.com/