Summary
Detail | |||
---|---|---|---|
Vendor | F-Secure | First view | 2008-02-14 |
Product | F-Secure Protection Service For Consumers | Last view | 2009-02-06 |
Version | 5.00 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.6 | 2009-02-06 | CVE-2008-6085 | Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow. |
6.8 | 2008-03-20 | CVE-2008-1412 | Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats. |
7.5 | 2008-02-22 | CVE-2008-0910 | Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792. |
5.8 | 2008-02-14 | CVE-2008-0792 | Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (2) | CWE-264 | Permissions, Privileges, and Access Controls |
25% (1) | CWE-189 | Numeric Errors |
25% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
49189 | F-Secure Multiple Products Crafted RPM File Handling Overflow |
43222 | F-Secure Multiple Products Archive Handling Unspecified Code Execution |
42904 | F-Secure Multiple Products Crafted RAR Archive Scanning Bypass |
42903 | F-Secure Multiple Products Crafted CAB Archive Scanning Bypass |
OpenVAS Exploits
id | Description |
---|---|
2009-03-13 | Name : F-Secure Product(s) Integer Overflow Vulnerability (Linux) File : nvt/gb_fsecure_prdts_int_overflow_vuln_lin.nasl |
2009-03-13 | Name : F-Secure Product(s) Integer Overflow Vulnerability (Win) File : nvt/gb_fsecure_prdts_int_overflow_vuln_win.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2008-12-11 | Name: An antivirus application installed on the remote host is affected by a remote... File: fsecure_fsc_2008_03.nasl - Type: ACT_GATHER_INFO |
2008-03-28 | Name: A antivirus application installed on the remote host is affected by a remote ... File: fsecure_fsc_2008_02.nasl - Type: ACT_GATHER_INFO |