Vulnerabilities for F-secure anti-virus linux server security (...) - CXSECURITY.COM

Vulnerabilities for
'F-secure anti-virus linux server security'

2010-04-15

CVE-2010-1425

CWE-Other

F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.

2009-02-06

CVE-2008-6085

CWE-189

Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.

2007-06-20

CVE-2007-3300

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.

2007-05-31

CVE-2007-2967

CWE-20

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.

CVE-2007-2966

CWE-119

Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335.

CVE-2007-2965

Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space."

>>> Vendor: F-secure 55 Products

Internet gatekeeper

F-secure anti-virus

F-secure for firewalls

F-secure internet security

F-secure personal express

Client security

F-secure content scanner server

F-secure ssh server

Solutions based on f-secure personal express

F-secure service platform for service providers

F-secure anti-virus client security

F-secure anti-virus linux client security

F-secure anti-virus linux server security

F-secure protection service

Internet security

F-secure anti-virus for linux

F-secure anti-virus for workstations

F-secure protection service for business

F-secure protection service for consumers

F-secure client security

F-secure mobile antivirus for s60

F-secure mobile antivirus for windows mobile

F-secure mobile security for series 80

F-secure anti-virus for citrix servers

F-secure anti-virus for microsoft exchange

F-secure anti-virus for mimesweeper

F-secure anti-virus for windows servers

F-secure home server security

F-secure internet gatekeeper for linux

F-secure internet gatekeeper for windows

F-secure linux security

F-secure messaging security gateway

Endpoint protection

Home server security

F-secure internet security 2010

Psb workstation security

Email and server security

Server security

Secure messaging secure gateway

Software updater

F-secure online scanner

Cloud protection for salesforce

Elements for microsoft 365

Cloud protection

Linux security 64

Elements endpoint protection

Copyright 2024, cxsecurity.com