Product:

Email_and_server_security

(F\-Secure)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 10
Date Id Summary Products Score Patch Annotated
2020-02-22 CVE-2020-9342 The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper. Cloud_protection_for_salesforce, Email_and_server_security, Internet_gatekeeper 5.5
2022-03-10 CVE-2021-44750 An arbitrary code execution vulnerability was found in the F-Secure Support Tool. A standard user can craft a special configuration file, which when run by administrator can execute any commands. Client_security, Countercept, Elements, Email_and_server_security, Server_security 7.3
2023-09-22 CVE-2023-43760 Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Atlant, Client_security, Elements_endpoint_protection, Email_and_server_security, Linux_protection, Linux_security_64, Server_security 7.5
2023-09-22 CVE-2023-43761 Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Atlant, Client_security, Elements_endpoint_protection, Email_and_server_security, Linux_protection, Linux_security_64, Server_security 7.5
2023-09-22 CVE-2023-43765 Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Atlant, Client_security, Elements_endpoint_protection, Email_and_server_security, Linux_protection, Linux_security_64, Server_security 7.5
2023-09-22 CVE-2023-43766 Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Atlant, Client_security, Elements_endpoint_protection, Email_and_server_security, Linux_protection, Linux_security_64, Server_security 7.8
2023-09-22 CVE-2023-43767 Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Atlant, Client_security, Elements_endpoint_protection, Email_and_server_security, Linux_protection, Linux_security_64, Server_security 7.5
2023-11-27 CVE-2023-49321 Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure... Atlant, Client_security, Elements_endpoint_protection, Email_and_server_security, Linux_protection, Linux_security_64, Server_security 5.3
2023-11-27 CVE-2023-49322 Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure... Atlant, Client_security, Elements_endpoint_protection, Email_and_server_security, Linux_protection, Linux_security_64, Server_security 7.5
2014-04-18 CVE-2013-7369 SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure Server Security 9.20 before HF01 allows remote attackers to execute arbitrary SQL commands via unknown vectors, related to GetCommand. Anti\-Virus, Email_and_server_security, Server_security N/A