CVE-2007-1673

Exp

unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file.

Published: 2007-05-09 Last update: 2026-04-23 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2007-1673 is rated High Exploit Risk (74.8/100): CVSS High severity, with medium exploitation likelihood (EPSS 1.42%). 1 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2007-1673

EDB-ID Source Kind Published Link
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2007-1673

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-02 1.16% 1.42% +0.26%
2 2025-12-26 1.12% 1.16% +0.05%
3 2025-11-30 1.12%

Full EPSS history (16 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2007-1673

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.8 2.0 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:N)
No confidentiality impact.
Integrity impact (I:N)
No integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 6.9 [email protected]

Weakness enumeration for CVE-2007-1673

OS Trackers for CVE-2007-1673

vendor priority summary link
ubuntu medium CVE-2007-1673 medium priority: Ubuntu including 2 source packages (unzoo, zoo), 18 status rows across 9 suites (dapper, edgy, feisty, gutsy, hardy, intrepid, jaunty, karmic, upstream): released 7, ignored 6, DNE 3, needs-triage 2. https://ubuntu.com/security/CVE-2007-1673

NVD evaluator notes for CVE-2007-1673

Solution: http://xforce.iss.net/xforce/xfdb/34080 For Barracuda Spam Firewall: Upgrade to the latest virus definition version of Barracuda Spam Firewall (virusdef 2.0.6399 for 3.4 and after or virusdef 2.0.6399o for prior to 3.4), available from the automatic update. For Panda Software Antivirus: Upgrade to the latest version of Panda Software Antivirus (4/2/2007 or later), available from the automatic update feature. For avast! antivirus: Upgrade to the latest version of Panda Software Antivirus (4.7.981 or later), available from the avast! antivirus Web site. See references. For Avira AntiVir: Upgrade to the latest version of Avira AntiVir (avpack32.dll version 7.3.0.6 or later), available from the automatic update feature. For AMaViS: Refer to ASA-2007-2 for patch, upgrade, or suggested workaround information. See References.

Affected software / configurations for CVE-2007-1673

Vendor Product Version Raw CPE
amavis amavis <= 2.4.1 cpe:2.3:a:amavis:amavis:*:*:*:*:*:*:*:*
avast avast_antivirus <= 4.7.980 cpe:2.3:a:avast:avast_antivirus:*:*:*:*:*:*:*:*
avast avast_antivirus 4.6.394 cpe:2.3:a:avast:avast_antivirus:4.6.394:*:*:*:*:*:*:*
avast avast_antivirus 4.7.652 cpe:2.3:a:avast:avast_antivirus:4.7.652:*:*:*:*:*:*:*
avast avast_antivirus 4.7.700 cpe:2.3:a:avast:avast_antivirus:4.7.700:*:*:*:*:*:*:*
avast avast_antivirus_home 4.0 cpe:2.3:a:avast:avast_antivirus_home:4.0:*:*:*:*:*:*:*
avast avast_antivirus_home 4.6 cpe:2.3:a:avast:avast_antivirus_home:4.6:*:*:*:*:*:*:*
avast avast_antivirus_home 4.6.652 cpe:2.3:a:avast:avast_antivirus_home:4.6.652:*:*:*:*:*:*:*
avast avast_antivirus_home 4.6.655 cpe:2.3:a:avast:avast_antivirus_home:4.6.655:*:*:*:*:*:*:*
avast avast_antivirus_home 4.6.665 cpe:2.3:a:avast:avast_antivirus_home:4.6.665:*:*:*:*:*:*:*
avast avast_antivirus_home 4.6.691 cpe:2.3:a:avast:avast_antivirus_home:4.6.691:*:*:*:*:*:*:*
avast avast_antivirus_home 4.7.827 cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:*:*:*:*:*:*
avast avast_antivirus_home 4.7.827 cpe:2.3:a:avast:avast_antivirus_home:4.7.827:*:windows:*:*:*:*:*
avast avast_antivirus_home 4.7.844 cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:*:*:*:*:*:*
avast avast_antivirus_home 4.7.844 cpe:2.3:a:avast:avast_antivirus_home:4.7.844:*:windows:*:*:*:*:*
avast avast_antivirus_home 4.7.869 cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:*:*:*:*:*:*
avast avast_antivirus_home 4.7.869 cpe:2.3:a:avast:avast_antivirus_home:4.7.869:*:windows:*:*:*:*:*
avast avast_antivirus_home 4.7.1043 cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:*:*:*:*:*:*
avast avast_antivirus_home 4.7.1043 cpe:2.3:a:avast:avast_antivirus_home:4.7.1043:*:windows:*:*:*:*:*
avast avast_antivirus_home 4.7.1098 cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:*:*:*:*:*:*
avast avast_antivirus_home 4.7.1098 cpe:2.3:a:avast:avast_antivirus_home:4.7.1098:*:windows:*:*:*:*:*
avast avast_antivirus_professional 4.0 cpe:2.3:a:avast:avast_antivirus_professional:4.0:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.6 cpe:2.3:a:avast:avast_antivirus_professional:4.6:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.6.603 cpe:2.3:a:avast:avast_antivirus_professional:4.6.603:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.6.652 cpe:2.3:a:avast:avast_antivirus_professional:4.6.652:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.6.665 cpe:2.3:a:avast:avast_antivirus_professional:4.6.665:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.6.691 cpe:2.3:a:avast:avast_antivirus_professional:4.6.691:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.7.827 cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.7.827 cpe:2.3:a:avast:avast_antivirus_professional:4.7.827:*:windows:*:*:*:*:*
avast avast_antivirus_professional 4.7.844 cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.7.844 cpe:2.3:a:avast:avast_antivirus_professional:4.7.844:*:windows:*:*:*:*:*
avast avast_antivirus_professional 4.7.869 cpe:2.3:a:avast:avast_antivirus_professional:4.7.869:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.7.1043 cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:*:*:*:*:*:*
avast avast_antivirus_professional 4.7.1043 cpe:2.3:a:avast:avast_antivirus_professional:4.7.1043:*:windows:*:*:*:*:*
avast avast_antivirus_professional 4.7.1098 cpe:2.3:a:avast:avast_antivirus_professional:4.7.1098:*:*:*:*:*:*:*
avira antivir cpe:2.3:a:avira:antivir:*:*:*:*:*:*:*:*
avira antivir 6.35.00.00 cpe:2.3:a:avira:antivir:6.35.00.00:*:*:*:*:*:*:*
avira antivir 7.04.00.23 cpe:2.3:a:avira:antivir:7.04.00.23:*:*:*:*:*:*:*
avira antivir_personal cpe:2.3:a:avira:antivir_personal:*:*:*:*:*:*:*:*
avira antivir_personal cpe:2.3:a:avira:antivir_personal:*:*:classic:*:*:*:*:*
avira antivir_personal cpe:2.3:a:avira:antivir_personal:*:*:premium:*:*:*:*:*
avira antivir_personal <= 7.3.0.5 cpe:2.3:a:avira:antivir_personal:*:*:*:*:*:*:*:*
avira antivir_personal 7 cpe:2.3:a:avira:antivir_personal:7:*:*:*:*:*:*:*
avira antivir_personal 7 cpe:2.3:a:avira:antivir_personal:7:*:classic:*:*:*:*:*
panda panda_antivirus 2007 cpe:2.3:a:panda:panda_antivirus:2007:*:*:*:*:*:*:*
panda panda_antivirus_and_firewall 2007 cpe:2.3:a:panda:panda_antivirus_and_firewall:2007:*:*:*:*:*:*:*
picozip picozip cpe:2.3:a:picozip:picozip:*:*:*:*:*:*:*:*
rahul_dhesi zoo <= 2.10 cpe:2.3:a:rahul_dhesi:zoo:*:*:*:*:*:*:*:*
unzoo unzoo 4.4 cpe:2.3:a:unzoo:unzoo:4.4:*:*:*:*:*:*:*
winace winace cpe:2.3:a:winace:winace:*:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:*:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_100 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_100:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_200 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_200:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_300 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_300:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_400 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_400:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_500 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_500:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_600 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_600:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_800 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_800:*:*:*:*:*:*:*
barracuda_networks barracuda_spam_firewall model_900 cpe:2.3:h:barracuda_networks:barracuda_spam_firewall:model_900:*:*:*:*:*:*:*

References for CVE-2007-1673

cvelogic Threat Intelligence