Vulnerability CVE-2006-3490
Published: 2006-07-10   Modified: 2012-02-12

Description:
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
F-secure -> F-secure anti-virus 
F-secure -> F-secure internet security 
F-secure -> F-secure service platform for service providers 

 References:
http://www.f-secure.com/security/fsc-2006-4.shtml
http://www.vupen.com/english/advisories/2006/2573
http://www.osvdb.org/26876
http://securitytracker.com/id?1016401
http://securitytracker.com/id?1016400
http://xforce.iss.net/xforce/xfdb/27502
http://www.securityfocus.com/bid/18693
http://secunia.com/advisories/20858
Copyright 2024, cxsecurity.com

 

Back to Top