Product:

F\-Secure_anti\-Virus

(F\-Secure)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 36
Date Id Summary Products Score Patch Annotated
2008-02-22 CVE-2008-0910 Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792. F\-Secure_anti\-Virus, F\-Secure_anti\-Virus_client_security, F\-Secure_anti\-Virus_for_linux, F\-Secure_anti\-Virus_for_workstations, F\-Secure_anti\-Virus_linux_client_security, F\-Secure_internet_security, F\-Secure_protection_service_for_business, F\-Secure_protection_service_for_consumers N/A
2008-02-15 CVE-2008-0792 Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive. F\-Secure_anti\-Virus, F\-Secure_anti\-Virus_client_security, F\-Secure_anti\-Virus_for_linux, F\-Secure_anti\-Virus_for_workstations, F\-Secure_anti\-Virus_linux_client_security, F\-Secure_internet_security, F\-Secure_protection_service_for_business, F\-Secure_protection_service_for_consumers N/A
2007-10-01 CVE-2007-5143 F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus. F\-Secure_anti\-Virus N/A
2007-06-20 CVE-2007-3300 Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive. F\-Secure_anti\-Virus, F\-Secure_anti\-Virus_linux_client_security, F\-Secure_anti\-Virus_linux_server_security, F\-Secure_internet_security, Internet_gatekeeper, Solutions_based_on_f\-Secure_personal_express N/A
2007-05-31 CVE-2007-2967 Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files. F\-Secure_anti\-Virus, F\-Secure_anti\-Virus_client_security, F\-Secure_anti\-Virus_linux_client_security, F\-Secure_anti\-Virus_linux_server_security, F\-Secure_internet_security, F\-Secure_protection_service, Internet_gatekeeper N/A
2007-05-31 CVE-2007-2966 Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. F\-Secure_anti\-Virus, F\-Secure_anti\-Virus_client_security, F\-Secure_anti\-Virus_linux_client_security, F\-Secure_anti\-Virus_linux_server_security, F\-Secure_internet_security, F\-Secure_protection_service, Internet_gatekeeper N/A
2007-05-31 CVE-2007-2965 Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space." F\-Secure_anti\-Virus, F\-Secure_anti\-Virus_client_security, F\-Secure_anti\-Virus_linux_client_security, F\-Secure_anti\-Virus_linux_server_security, F\-Secure_internet_security, F\-Secure_protection_service, Internet_gatekeeper N/A
2007-03-21 CVE-2007-1557 Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page. F\-Secure_anti\-Virus N/A
2006-12-10 CVE-2006-6409 F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. F\-Secure_anti\-Virus N/A
2006-07-10 CVE-2006-3490 F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls. F\-Secure_anti\-Virus, F\-Secure_internet_security, F\-Secure_service_platform_for_service_providers N/A