Product:

Internet_gatekeeper

(F\-Secure)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 47
Date Id Summary Products Score Patch Annotated
2020-02-22 CVE-2020-9342 The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper. Cloud_protection_for_salesforce, Email_and_server_security, Internet_gatekeeper 5.5
2021-09-28 CVE-2021-33600 A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product. Internet_gatekeeper 7.5
2021-09-28 CVE-2021-33601 A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server. Internet_gatekeeper 8.8
2021-10-06 CVE-2021-33602 A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. Atlant, Cloud_protection, Internet_gatekeeper, Linux_security 5.3
2021-10-08 CVE-2021-33603 A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Atlant, Cloud_protection_for_salesforce, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Elements_for_microsoft_365, Internet_gatekeeper, Linux_security 6.5
2021-10-08 CVE-2021-40832 A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Atlant, Cloud_protection_for_salesforce, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Elements_for_microsoft_365, Internet_gatekeeper, Linux_security 6.5
2021-11-26 CVE-2021-40833 A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Atlant, Elements_endpoint_protection, Internet_gatekeeper, Linux_security, Linux_security_64 5.5
2021-12-22 CVE-2021-40836 A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Atlant, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Internet_gatekeeper, Linux_security, Linux_security_64 5.5
2022-02-09 CVE-2021-40837 A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. Atlant, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Internet_gatekeeper, Linux_security, Security_cloud 5.3
2022-03-01 CVE-2021-44747 A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the Fmlib component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. Atlant, Elements_endpoint_protection, Internet_gatekeeper, Linux_security, Security_cloud 6.5