Search criteria
62 vulnerabilities found for Internet Security by ESET
CERTFR-2025-AVI-0727
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits ESET. Elles permettent à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Server Security | Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) sans le dernier correctif de sécurité | ||
| ESET | Mail Security | Mail Security pour Microsoft Exchange Server sans le dernier correctif de sécurité | ||
| ESET | File Security | File Security pour Microsoft Azure sans le dernier correctif de sécurité | ||
| ESET | PROTECT On-Prem | PROTECT On-Prem versions 12.1.x antérieures à 12.1.11.0 | ||
| ESET | Security Ultimate | Security Ultimate sans le dernier correctif de sécurité | ||
| ESET | Endpoint Antivirus | Endpoint Antivirus pour Windows sans le dernier correctif de sécurité | ||
| ESET | Endpoint Security | Endpoint Security pour Windows sans le dernier correctif de sécurité | ||
| ESET | Security | Security pour Microsoft SharePoint Server sans le dernier correctif de sécurité | ||
| ESET | Safe Server | Safe Server sans le dernier correctif de sécurité | ||
| ESET | Small Business Security | Small Business Security sans le dernier correctif de sécurité | ||
| ESET | PROTECT On-Prem | PROTECT On-Prem versions 11.1.x antérieures à 11.1.18.0 | ||
| ESET | Smart Security Premium | Smart Security Premium sans le dernier correctif de sécurité | ||
| ESET | NOD32 Antivirus | NOD32 Antivirus sans le dernier correctif de sécurité | ||
| ESET | PROTECT On-Prem | PROTECT On-Prem versions 12.0.x antérieures à 12.0.15.0 | ||
| ESET | Mail Security | Mail Security pour IBM Domino sans le dernier correctif de sécurité | ||
| ESET | Internet Security | Internet Security sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Mail Security pour Microsoft Exchange Server sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "File Security pour Microsoft Azure sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "File Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "PROTECT On-Prem versions 12.1.x ant\u00e9rieures \u00e0 12.1.11.0",
"product": {
"name": "PROTECT On-Prem",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Security Ultimate sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Security Ultimate",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Endpoint Antivirus pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Endpoint Security pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Security pour Microsoft SharePoint Server sans le dernier correctif de s\u00e9curit\u00e9\n\n",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Safe Server sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Safe Server",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Small Business Security sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Small Business Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "PROTECT On-Prem versions 11.1.x ant\u00e9rieures \u00e0 11.1.18.0",
"product": {
"name": "PROTECT On-Prem",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Smart Security Premium sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Smart Security Premium",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "NOD32 Antivirus sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "NOD32 Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "PROTECT On-Prem versions 12.0.x ant\u00e9rieures \u00e0 12.0.15.0",
"product": {
"name": "PROTECT On-Prem",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Mail Security pour IBM Domino sans le dernier correctif de s\u00e9curit\u00e9\n",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Internet Security sans le dernier correctif de s\u00e9curit\u00e9\n",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8352",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8352"
},
{
"name": "CVE-2025-4952",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4952"
},
{
"name": "CVE-2025-48976",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
},
{
"name": "CVE-2025-48988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0727",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-25T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits ESET. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ESET",
"vendor_advisories": [
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 ESET ca8854",
"url": "https://support-feed.eset.com/link/15370/17124579/ca8854"
},
{
"published_at": "2025-08-21",
"title": "Bulletin de s\u00e9curit\u00e9 ESET ca8853",
"url": "https://support-feed.eset.com/link/15370/17124580/ca8853"
}
]
}
CERTFR-2025-AVI-0623
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits ESET. Elles permettent à un attaquant de provoquer une élévation de privilèges et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Endpoint Security | Endpoint Security versions antérieures à 11.1.2062.0 pour Windows | ||
| ESET | Small Business Security | Small Business Security versions antérieures à 18.2.14.0 | ||
| ESET | Security | Security versions 11.x antérieures à 11.1.15005.0 pour Microsoft SharePoint Server | ||
| ESET | Mail Security | Mail Security versions 11.x antérieures à 11.1.10013 pour Microsoft Exchange Server | ||
| ESET | Internet Security | Internet Security versions antérieures à 18.2.14.0 | ||
| ESET | Server Security | Server Security versions 12.x antérieures à 12.0.12005.0 pour Windows | ||
| ESET | Smart Security Premium | Smart Security Premium versions antérieures à 18.2.14.0 | ||
| ESET | Security | Security versions 12.x antérieures à 12.0.15005.0 pour Microsoft SharePoint Server | ||
| ESET | Safe Server | Safe Server versions antérieures à 18.2.14.0 | ||
| ESET | Security Ultimate | Security Ultimate versions antérieures à 18.2.14.0 | ||
| ESET | Server Security | Server Security versions 11.x antérieures à 11.1.12013.0 pour Windows | ||
| ESET | Mail Security | Mail Security versions 12.x antérieures à 12.0.10004.0 pour Microsoft Exchange Server | ||
| ESET | Endpoint Antivirus | Endpoint Antivirus versions antérieures à 12.0.2058.0 pour Windows | ||
| ESET | NOD32 Antivirus | NOD32 Antivirus versions antérieures à 18.2.14.0 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Endpoint Security versions ant\u00e9rieures \u00e0 11.1.2062.0 pour Windows",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Small Business Security versions ant\u00e9rieures \u00e0 18.2.14.0",
"product": {
"name": "Small Business Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Security versions 11.x ant\u00e9rieures \u00e0 11.1.15005.0 pour Microsoft SharePoint Server",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Mail Security versions 11.x ant\u00e9rieures \u00e0 11.1.10013 pour Microsoft Exchange Server",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Internet Security versions ant\u00e9rieures \u00e0 18.2.14.0",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Server Security versions 12.x ant\u00e9rieures \u00e0 12.0.12005.0 pour Windows",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Smart Security Premium versions ant\u00e9rieures \u00e0 18.2.14.0",
"product": {
"name": "Smart Security Premium",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Security versions 12.x ant\u00e9rieures \u00e0 12.0.15005.0 pour Microsoft SharePoint Server",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Safe Server versions ant\u00e9rieures \u00e0 18.2.14.0",
"product": {
"name": "Safe Server",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Security Ultimate versions ant\u00e9rieures \u00e0 18.2.14.0",
"product": {
"name": "Security Ultimate",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Server Security versions 11.x ant\u00e9rieures \u00e0 11.1.12013.0 pour Windows",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Mail Security versions 12.x ant\u00e9rieures \u00e0 12.0.10004.0 pour Microsoft Exchange Server",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Endpoint Antivirus versions ant\u00e9rieures \u00e0 12.0.2058.0 pour Windows",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "NOD32 Antivirus versions ant\u00e9rieures \u00e0 18.2.14.0",
"product": {
"name": "NOD32 Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-5028",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5028"
},
{
"name": "CVE-2025-2425",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2425"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0623",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits ESET. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ESET",
"vendor_advisories": [
{
"published_at": "2025-07-16",
"title": "Bulletin de s\u00e9curit\u00e9 ESET ca8840",
"url": "https://support-feed.eset.com/link/15370/17103529/ca8840"
},
{
"published_at": "2025-07-09",
"title": "Bulletin de s\u00e9curit\u00e9 ESET ca8838",
"url": "https://support-feed.eset.com/link/15370/17103530/ca8838"
}
]
}
CERTFR-2025-AVI-0280
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Smart Security Premium | Smart Security Premium versions antériéures à 18.1.10.0 | ||
| ESET | Server Security | Server Security versions antérieures à 11.1.12009.0 pour Windows Server | ||
| ESET | NOD32 Antivirus | NOD32 Antivirus versions antériéures à 18.1.10.0 | ||
| ESET | Internet Security | Internet Security versions antériéures à 18.1.10.0 | ||
| ESET | Endpoint Security | Endpoint Security versions antérieures à 12.0.2045.0 | ||
| ESET | Endpoint Antivirus | Endpoint Antivirus versions antérieures à 12.0.2045.0 | ||
| ESET | Mail Security | Mail Security versions antérieures à 11.1.10011.0, 11.0.10010.0 et 10.1.10017.0 pour Microsoft Exchange Server | ||
| ESET | Security Ultimate | Security Ultimate versions antériéures à 18.1.10.0 | ||
| ESET | Endpoint Antivirus | Endpoint Antivirus versions antérieures à 11.1.2059.0 | ||
| ESET | Security | Security versions antérieures à 11.1.15003.0, 11.0.15007.0, 10.0.15008.0 pour Microsoft SharePoint Server | ||
| ESET | Safe Server | ESET Safe Server versions antérieures à 18.1.10.0 | ||
| ESET | Endpoint Security | Endpoint Security versions antérieures à 11.1.2059.0 | ||
| ESET | Small Business Security | Small Business Security versions antérieures à 18.1.10.0 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Smart Security Premium versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
"product": {
"name": "Smart Security Premium",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Server Security versions ant\u00e9rieures \u00e0 11.1.12009.0 pour Windows Server",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "NOD32 Antivirus versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
"product": {
"name": "NOD32 Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Internet Security versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Endpoint Security versions ant\u00e9rieures \u00e0 12.0.2045.0",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Endpoint Antivirus versions ant\u00e9rieures \u00e0 12.0.2045.0",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Mail Security versions ant\u00e9rieures \u00e0 11.1.10011.0, 11.0.10010.0 et 10.1.10017.0 pour Microsoft Exchange Server",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Security Ultimate versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
"product": {
"name": "Security Ultimate",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Endpoint Antivirus versions ant\u00e9rieures \u00e0 11.1.2059.0",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Security versions ant\u00e9rieures \u00e0 11.1.15003.0, 11.0.15007.0, 10.0.15008.0 pour Microsoft SharePoint Server",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Safe Server versions ant\u00e9rieures \u00e0 18.1.10.0",
"product": {
"name": "Safe Server",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Endpoint Security versions ant\u00e9rieures \u00e0 11.1.2059.0",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Small Business Security versions ant\u00e9rieures \u00e0 18.1.10.0",
"product": {
"name": "Small Business Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-11859",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11859"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0280",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits ESET. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
"vendor_advisories": [
{
"published_at": "2025-04-04",
"title": "Bulletin de s\u00e9curit\u00e9 ESET CA8810",
"url": "https://support-feed.eset.com/link/15370/16999046/ca8810"
}
]
}
CERTFR-2024-AVI-0801
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits ESET. Elles permettent à un attaquant de provoquer une élévation de privilèges et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Safe Server | ESET Safe Server sans le correctif de sécurité Cleaner module 1251 | ||
| ESET | Small Business Security | ESET Small Business Security sans le correctif de sécurité Cleaner module 1251 | ||
| ESET | Security Ultimate | ESET Security Ultimate sans le correctif de sécurité Cleaner module 1251 | ||
| ESET | Endpoint Security | ESET Endpoint Security sans le correctif de sécurité Cleaner module 1251 pour Windows | ||
| ESET | File Security | ESET File Security sans le correctif de sécurité Cleaner module 1251 pour Microsoft Azure | ||
| ESET | NOD32 Antivirus | ESET NOD32 Antivirus sans le correctif de sécurité Cleaner module 1251 | ||
| ESET | Internet Security | ESET Internet Security sans le correctif de sécurité Cleaner module 1251 | ||
| ESET | Mail Security | ESET Mail Security sans le correctif de sécurité Cleaner module 1251 pour Microsoft Exchange Server et IBM Domino | ||
| ESET | Smart Security Premium | ESET Smart Security Premium sans le correctif de sécurité Cleaner module 1251 | ||
| ESET | Server Security | ESET Server Security sans le correctif de sécurité Cleaner module 1251 pour Windows Server | ||
| ESET | Endpoint Security | ESET Endpoint Security versions antérieures à 8.0.7200.0 pour macOS | ||
| ESET | Cyber Security | ESET Cyber Security versions antérieures à 7.5.74.0 | ||
| ESET | Endpoint Antivirus | ESET Endpoint Antivirus sans le correctif de sécurité Cleaner module 1251 | ||
| ESET | Security | ESET Security sans le correctif de sécurité Cleaner module 1251 pour Microsoft SharePoint Server |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ESET Safe Server sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
"product": {
"name": "Safe Server",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Small Business Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
"product": {
"name": "Small Business Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Security Ultimate sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
"product": {
"name": "Security Ultimate",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Windows",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET File Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Microsoft Azure",
"product": {
"name": "File Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET NOD32 Antivirus sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
"product": {
"name": "NOD32 Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Internet Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Mail Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Microsoft Exchange Server et IBM Domino ",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Smart Security Premium sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
"product": {
"name": "Smart Security Premium",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Server Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Windows Server",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Security versions ant\u00e9rieures \u00e0 8.0.7200.0 pour macOS ",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Cyber Security versions ant\u00e9rieures \u00e0 7.5.74.0 ",
"product": {
"name": "Cyber Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Antivirus sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Microsoft SharePoint Server",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-6654",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6654"
},
{
"name": "CVE-2024-7400",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-7400"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0801",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-23T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits ESET. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ESET",
"vendor_advisories": [
{
"published_at": "2024-09-20",
"title": "Bulletin de s\u00e9curit\u00e9 ESET ca8725",
"url": "https://support-feed.eset.com/link/15370/16815452/ca8725"
},
{
"published_at": "2024-09-20",
"title": "Bulletin de s\u00e9curit\u00e9 ESET ca8726",
"url": "https://support-feed.eset.com/link/15370/16815451/ca8726"
}
]
}
CERTFR-2024-AVI-0581
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Smart Security Premium | ESET Smart Security Premium versions antérieures à 17.2.7.0 | ||
| ESET | Mail Security | ESET Mail Security versions antérieures à 11.0.10008.0 pour Microsoft Exchange Server | ||
| ESET | Security | ESET Security versions antérieures à 11.0.15004.0 pour Microsoft SharePoint Server | ||
| ESET | Server Security | ESET Server Security versions antérieures à 11.0.12012.0 pour Windows Server | ||
| ESET | Endpoint Antivirus | ESET Endpoint Antivirus versions antérieures à 11.1.2039.0 pour Windows | ||
| ESET | Security Ultimate | ESET Security Ultimate versions antérieures à 17.2.7.0 | ||
| ESET | Internet Security | ESET Internet Security versions antérieures à 17.2.7.0 | ||
| ESET | Endpoint Security | ESET Endpoint Security versions antérieures à 11.1.2039.0 pour Windows | ||
| ESET | NOD32 Antivirus | ESET NOD32 Antivirus versions antérieures à 17.2.7.0 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ESET Smart Security Premium versions ant\u00e9rieures \u00e0 17.2.7.0",
"product": {
"name": "Smart Security Premium",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Mail Security versions ant\u00e9rieures \u00e0 11.0.10008.0 pour Microsoft Exchange Server",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Security versions ant\u00e9rieures \u00e0 11.0.15004.0 pour Microsoft SharePoint Server",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Server Security versions ant\u00e9rieures \u00e0 11.0.12012.0 pour Windows Server",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Antivirus versions ant\u00e9rieures \u00e0 11.1.2039.0 pour Windows",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Security Ultimate versions ant\u00e9rieures \u00e0 17.2.7.0",
"product": {
"name": "Security Ultimate",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": " ESET Internet Security versions ant\u00e9rieures \u00e0 17.2.7.0",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Security versions ant\u00e9rieures \u00e0 11.1.2039.0 pour Windows",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET NOD32 Antivirus versions ant\u00e9rieures \u00e0 17.2.7.0",
"product": {
"name": "NOD32 Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-3779",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3779"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0581",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits ESET. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
"vendor_advisories": [
{
"published_at": "2024-07-12",
"title": "Bulletin de s\u00e9curit\u00e9 ESET ca8688",
"url": "https://support-feed.eset.com/link/15370/16741922/ca8688"
}
]
}
CERTFR-2023-AVI-1053
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Security Ultimate | ESET Security Ultimate | ||
| ESET | Endpoint Antivirus | ESET Endpoint Antivirus versions postérieures à 10.0 pour Linux | ||
| ESET | Server Security | ESET Server Security versions postérieures à 10.1 pour Linux | ||
| ESET | Endpoint Antivirus | ESET Endpoint Antivirus pour Windows | ||
| ESET | NOD32 Antivirus | ESET NOD32 Antivirus | ||
| ESET | Endpoint Security | ESET Endpoint Security pour Windows | ||
| ESET | Smart Security Premium | ESET Smart Security Premium | ||
| ESET | Mail Security | ESET Mail Security pour Microsoft Exchange Server | ||
| ESET | Internet Security | ESET Internet Security | ||
| ESET | Server Security | ESET Server Security pour Windows Server | ||
| ESET | Mail Security | ESET Mail Security pour IBM Domino | ||
| ESET | Security | ESET Security pour Microsoft SharePoint Server | ||
| ESET | File Security | ESET File Security pour Microsoft Azure |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "ESET Security Ultimate",
"product": {
"name": "Security Ultimate",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Antivirus versions post\u00e9rieures \u00e0 10.0 pour Linux",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Server Security versions post\u00e9rieures \u00e0 10.1 pour Linux",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Antivirus pour Windows",
"product": {
"name": "Endpoint Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET NOD32 Antivirus",
"product": {
"name": "NOD32 Antivirus",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Endpoint Security pour Windows",
"product": {
"name": "Endpoint Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Smart Security Premium",
"product": {
"name": "Smart Security Premium",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Mail Security pour Microsoft Exchange Server",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Internet Security",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Server Security pour Windows Server",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Mail Security pour IBM Domino",
"product": {
"name": "Mail Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET Security pour Microsoft SharePoint Server",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "ESET File Security pour Microsoft Azure",
"product": {
"name": "File Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-5594",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5594"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 ESET\u00a0CA8562 du 20 d\u00e9cembre 2023",
"url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed"
}
],
"reference": "CERTFR-2023-AVI-1053",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-12-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nproduits ESET\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 ESET CA8562 du 20 d\u00e9cembre 2023",
"url": null
}
]
}
CERTA-2011-AVI-471
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans certains produits F-Secure permet l'exécution de code arbitraire à distance.
Description
Une vulnérabilité a été découverte dans une bibliothèque utilisée par plusieurs produits F-Secure. L'exploitation de cette vulnérabilité permet l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | N/A | solutions basées sur F-Secure Protection Service for Consumers version 9 ; | ||
| ESET | Security | solutions basées sur F-Secure Protection Service for Business - Workstation security version 9. | ||
| ESET | Internet Security | F-Secure Internet Security 2010 et 2011 ; | ||
| N/A | N/A | F-Secure Anti-Virus 2010 et 2011 ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "solutions bas\u00e9es sur F-Secure Protection Service for Consumers version 9 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "solutions bas\u00e9es sur F-Secure Protection Service for Business - Workstation security version 9.",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2010 et 2011 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus 2010 et 2011 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans une biblioth\u00e8que utilis\u00e9e par\nplusieurs produits F-Secure. L\u0027exploitation de cette vuln\u00e9rabilit\u00e9\npermet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"links": [],
"reference": "CERTA-2011-AVI-471",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-08-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans certains produits \u003cspan\nclass=\"textit\"\u003eF-Secure\u003c/span\u003e permet l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits F-Secure",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F-Secure FSC-2011-3 du 23 ao\u00fbt 2011",
"url": "http://www.f-secure.com/en_EMEA-Labs/news-info/security-advisories/fsc-2011-3.html"
}
]
}
CERTA-2011-AVI-106
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans CA HIPS permet l'exécution de code arbitraire à distance.
Description
Une vulnérabilité a été découverte dans le contrôle ActiveX XMLSecDB utilisé par CA HIPS. L'exploitation de cette vulnérabilité, par le biais d'une page Web ou d'un fichier spécifique, permet l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour la correction de cette vulnérabilité (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Internet Security | CA Internet Security Suite (ISS) 2010. | ||
| N/A | N/A | CA Host-Based Intrusion Prevention System (HIPS) version r8.1 ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CA Internet Security Suite (ISS) 2010.",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Host-Based Intrusion Prevention System (HIPS) version r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le contr\u00f4le ActiveX XMLSecDB\nutilis\u00e9 par CA HIPS. L\u0027exploitation de cette vuln\u00e9rabilit\u00e9, par le biais\nd\u0027une page Web ou d\u0027un fichier sp\u00e9cifique, permet l\u0027ex\u00e9cution de code\narbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour la correction de\ncette vuln\u00e9rabilit\u00e9 (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-1036",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1036"
}
],
"links": [],
"reference": "CERTA-2011-AVI-106",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2011-02-24T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eCA HIPS\u003c/span\u003e permet\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans CA HIPS",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 CA20110223-01 du 23 f\u00e9vrier 2011",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}"
}
]
}
CERTA-2009-AVI-465
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans les produits F-Secure permet de contourner le mécanisme de détection des codes malveillants.
Description
Une vulnérabilité a été découverte dans le traitement des fichiers au format PDF par les produits F-Secure. L'exploitation de cette vulnérabilité permet de contourner le mécanisme de détection des codes malveillants.
Solution
Le problème est corrigé via la mise à jour automatique des définitions de code malveillant. Néanmoins, pour les systèmes sur lesquels cette mise à jour est désactivé, ou pour ceux non connectés à l'Internet, cette opération doit être effectuée manuellement.
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | F-Secure Anti-Virus for Linux Servers version 4.65 ; | ||
| N/A | N/A | solutions basées sur F-Secure Protection Service for Consumers versions 8.00 et antérieures ; | ||
| N/A | N/A | F-Secure Internet Gatekeeper for Linux Japanese versions 2.37 et antérieures ; | ||
| N/A | N/A | F-Secure Internet Gatekeeper for Linux versions 3.02 et antérieures ; | ||
| ESET | Security | F-Secure Linux Security versions 7.02 et antérieures ; | ||
| Microsoft | Windows | F-Secure Internet Gatekeeper for Windows versions 6.61 et antérieures ; | ||
| N/A | N/A | F-Secure Anti-Virus versions 2009 et antérieures ; | ||
| N/A | N/A | F-Secure Anti-Virus for Workstations versions 8.0 et antérieures ; | ||
| Microsoft | N/A | F-Secure Anti-Virus for Microsoft Exchange versions 8.00 et antérieures ; | ||
| ESET | Server Security | F-Secure Anti-Virus Linux Server Security versions 5.54 et antérieures ; | ||
| ESET | Server Security | F-Secure Home Server Security version 2009 ; | ||
| N/A | N/A | F-Secure Anti-Virus for MIMEsweeper versions 5.61 et antérieures. | ||
| ESET | Server Security | solutions basées sur F-Secure Protection Service for Business - E-mail and Server security versions 8.00 et antérieures ; | ||
| Citrix | N/A | F-Secure Anti-Virus for Citrix Servers versions 7.00 et antérieures ; | ||
| ESET | Internet Security | F-Secure Internet Security versions 2009 et antérieures ; | ||
| Microsoft | Windows | F-Secure Anti-Virus for Windows Servers versions 8.00 et antérieures ; | ||
| ESET | Security | F-Secure Client Security versions 8.01 et antérieures ; | ||
| ESET | Security | F-Secure Anti-Virus Linux Client Security versions 5.54 et antérieures ; | ||
| ESET | Security | solutions basées sur F-Secure Protection Service for Business - Workstation security versions 8.00 et antérieures ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "F-Secure Anti-Virus for Linux Servers version 4.65 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "solutions bas\u00e9es sur F-Secure Protection Service for Consumers versions 8.00 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Internet Gatekeeper for Linux Japanese versions 2.37 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Internet Gatekeeper for Linux versions 3.02 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Linux Security versions 7.02 et ant\u00e9rieures ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Gatekeeper for Windows versions 6.61 et ant\u00e9rieures ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus versions 2009 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Workstations versions 8.0 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Microsoft Exchange versions 8.00 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Linux Server Security versions 5.54 et ant\u00e9rieures ;",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Home Server Security version 2009 ;",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for MIMEsweeper versions 5.61 et ant\u00e9rieures.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "solutions bas\u00e9es sur F-Secure Protection Service for Business - E-mail and Server security versions 8.00 et ant\u00e9rieures ;",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Citrix Servers versions 7.00 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security versions 2009 et ant\u00e9rieures ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Windows Servers versions 8.00 et ant\u00e9rieures ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Client Security versions 8.01 et ant\u00e9rieures ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Linux Client Security versions 5.54 et ant\u00e9rieures ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "solutions bas\u00e9es sur F-Secure Protection Service for Business - Workstation security versions 8.00 et ant\u00e9rieures ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le traitement des fichiers au\nformat PDF par les produits F-Secure. L\u0027exploitation de cette\nvuln\u00e9rabilit\u00e9 permet de contourner le m\u00e9canisme de d\u00e9tection des codes\nmalveillants.\n\n## Solution\n\nLe probl\u00e8me est corrig\u00e9 via la mise \u00e0 jour automatique des d\u00e9finitions\nde code malveillant. N\u00e9anmoins, pour les syst\u00e8mes sur lesquels cette\nmise \u00e0 jour est d\u00e9sactiv\u00e9, ou pour ceux non connect\u00e9s \u00e0 l\u0027Internet,\ncette op\u00e9ration doit \u00eatre effectu\u00e9e manuellement.\n",
"cves": [],
"links": [],
"reference": "CERTA-2009-AVI-465",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-10-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans les produits \u003cspan class=\"textit\"\u003eF-Secure\u003c/span\u003e\npermet de contourner le m\u00e9canisme de d\u00e9tection des codes malveillants.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits F-Secure",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 FSC-2009-3 du 29 octobre 2009",
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-3.html"
}
]
}
CERTA-2009-AVI-431
Vulnerability from certfr_avis - Published: - Updated:
Deux vulnérabilités dans CA Anti-Virus permettent d'exécuter du code arbitraire ou de réaliser un déni de service à distance.
Description
Deux vulnérabilités ont été découvertes dans le traitement des fichiers au format RAR par le composant arclib de CA Anti-Virus. L'exploitation de ces vulnérabilités permet de réaliser un déni de service ou d'exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | CA Threat Manager for the Enterprise (autrefois appelé eTrust Integrated Threat Management) r8 et 8.1 ; | ||
| Microsoft | Windows | CA ARCserve for Windows Server component ; | ||
| N/A | N/A | eTrust EZ Antivirus r7.1 ; | ||
| ESET | Internet Security | CA Internet Security Suite Plus 2008 ; | ||
| N/A | N/A | CA Anti-Virus SDK (autrefois appelé eTrust Anti-Virus SDK) ; | ||
| N/A | N/A | CA Common Services r3.1, r11 et r11.1 ; | ||
| N/A | N/A | CA Secure Content Manager (autrefois appelé eTrust Secure Content Manager) 1.1 et 8.0 ; | ||
| N/A | N/A | CA Anti-Virus 2007 (v8) ; | ||
| N/A | N/A | CA ARCserve Backup pour Linux r11.1 et r11.5 ; | ||
| ESET | Security | CA Gateway Security r8.1 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2008 ; | ||
| N/A | N/A | CA Threat Manager Total Defense ; | ||
| Microsoft | Windows | CA ARCserve Backup pour Windows r11.5, r12, r12.0 SP1, r12.0 SP2 et r12.5 ; | ||
| N/A | N/A | CA Anti-Virus Gateway (autrefois appelé eTrust Antivirus Gateway) 7.1. | ||
| N/A | N/A | CA Anti-Virus 2009 ; | ||
| Microsoft | Windows | CA ARCserve for Windows Client Agent ; | ||
| N/A | N/A | CA eTrust Intrusion Detection 2.0 SP1, 3.0 et 3.0 SP1 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2007 (v3) ; | ||
| ESET | Internet Security | CA Internet Security Suite Plus 2009 ; | ||
| N/A | N/A | CA Anti-Virus 2008 ; | ||
| N/A | N/A | CA Network and Systems Management (autrefois appelé Unicenter Network and Systems Management) r3.0, r3.1, r11, r11.1 ; | ||
| N/A | N/A | CA Anti-Virus Plus 2009 ; | ||
| N/A | N/A | CA Anti-Virus for the Enterprise (autrefois appelé eTrust Antivirus) 7.1, r8 et r8.1 ; | ||
| N/A | N/A | CA Protection Suites r2, r3 et r3.1 ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CA Threat Manager for the Enterprise (autrefois appel\u00e9 eTrust Integrated Threat Management) r8 et 8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA ARCserve for Windows Server component ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "eTrust EZ Antivirus r7.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite Plus 2008 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Anti-Virus SDK (autrefois appel\u00e9 eTrust Anti-Virus SDK) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Common Services r3.1, r11 et r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Secure Content Manager (autrefois appel\u00e9 eTrust Secure Content Manager) 1.1 et 8.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus 2007 (v8) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA ARCserve Backup pour Linux r11.1 et r11.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Gateway Security r8.1 ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2008 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Threat Manager Total Defense ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA ARCserve Backup pour Windows r11.5, r12, r12.0 SP1, r12.0 SP2 et r12.5 ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CA Anti-Virus Gateway (autrefois appel\u00e9 eTrust Antivirus Gateway) 7.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus 2009 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA ARCserve for Windows Client Agent ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CA eTrust Intrusion Detection 2.0 SP1, 3.0 et 3.0 SP1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2007 (v3) ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite Plus 2009 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Anti-Virus 2008 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Network and Systems Management (autrefois appel\u00e9 Unicenter Network and Systems Management) r3.0, r3.1, r11, r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus Plus 2009 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus for the Enterprise (autrefois appel\u00e9 eTrust Antivirus) 7.1, r8 et r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Protection Suites r2, r3 et r3.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le traitement des fichiers\nau format RAR par le composant arclib de CA Anti-Virus. L\u0027exploitation\nde ces vuln\u00e9rabilit\u00e9s permet de r\u00e9aliser un d\u00e9ni de service ou\nd\u0027ex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-3588",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3588"
},
{
"name": "CVE-2009-3587",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3587"
}
],
"links": [],
"reference": "CERTA-2009-AVI-431",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-10-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eCA Anti-Virus\u003c/span\u003e\npermettent d\u0027ex\u00e9cuter du code arbitraire ou de r\u00e9aliser un d\u00e9ni de\nservice \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans CA Anti-Virus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 CA20091008-01 du 08 octobre 2009",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878"
}
]
}
CERTA-2009-AVI-343
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans CA Internet Security Suite permet de réaliser un déni de service.
Description
Une vulnérabilité a été découverte dans le pilote vetmonnt.sys de CA Internet Security Suite. Un utilisateur local malintentionné peut, par le biais d'un appel IOCTL spécifique, provoquer un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Internet Security | CA Internet Security Suite r5 32 bit. | ||
| ESET | Internet Security | CA Internet Security Suite r4 32 bit ; | ||
| ESET | Internet Security | CA Internet Security Suite r3 ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CA Internet Security Suite r5 32 bit.",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite r4 32 bit ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite r3 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le pilote vetmonnt.sys de CA\nInternet Security Suite. Un utilisateur local malintentionn\u00e9 peut, par\nle biais d\u0027un appel IOCTL sp\u00e9cifique, provoquer un d\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-0682",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0682"
}
],
"links": [],
"reference": "CERTA-2009-AVI-343",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-08-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans \u003cspan class=\"textit\"\u003eCA Internet Security\nSuite\u003c/span\u003e permet de r\u00e9aliser un d\u00e9ni de service.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans CA Internet Security Suite",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 CA20090818-02 du 18 ao\u00fbt 2009",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=214673"
}
]
}
CERTA-2009-AVI-033
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités dans CA Anti-Virus permettent de contourner le mécanisme de détection des codes malveillants.
Description
De multiples vulnérabilités ont été découvertes dans le moteur de CA Anti-Virus. À l'aide d'une archive spécifiquement constituée, un utilisateur malintentionné peut contourner le mécanisme de détection des codes malveillants.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | CA Anti-Virus for the Enterprise (autrefois appelé eTrust Antivirus) versions 7.1, r8 et r8.1 ; | ||
| Microsoft | Windows | CA ARCserve client agent for Windows ; | ||
| N/A | N/A | CA Secure Content Manager (autrefois appelé eTrust Secure Content Manager) versions 8.0 et 8.1 ; | ||
| N/A | N/A | CA Anti-Virus 2007 version v8 ; | ||
| ESET | N/A | CA Anti-Spyware 2008 ; | ||
| N/A | N/A | CA Threat Manager for the Enterprise (autrefois appelé eTrust Integrated Threat Management) versions r8 et r8.1 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2008 ; | ||
| Microsoft | Windows | CA ARCserve Backup versions r11.1, r11.5 et r12 pour Windows ; | ||
| N/A | N/A | CA Network and Systems Management (autrefois appelé Unicenter Network and Systems Management versions r3.0, r3.1, r11 et r11.1 ; | ||
| ESET | N/A | CA Common Services versions r11, r11.1 ; | ||
| ESET | N/A | CA Anti-Spyware for the Enterprise (autrefois appelé eTrust PestPatrol) versions r8 et r8.1 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2007 version v3 ; | ||
| N/A | N/A | CA eTrust Intrusion Detection versions 2.0 SP1, 3.0, 3.0 SP1 et 4.0 ; | ||
| N/A | N/A | CA Anti-Virus 2008 ; | ||
| ESET | N/A | eTrust EZ Antivirus versions r7 et r6.1 ; | ||
| ESET | N/A | CA ARCserve Backup versions r11.1 et r11.5 pour Linux ; | ||
| N/A | N/A | CA Protection Suites versions r2, r3 et r3.1 ; | ||
| ESET | N/A | CA Anti-Virus Gateway (autrefois appelé eTrust Antivirus Gateway) version 7.1 ; | ||
| N/A | N/A | CA Anti-Spyware 2007 ; | ||
| N/A | N/A | CA Anti-Virus SDK (autrefois appelé eTrust Anti-Virus SDK). |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CA Anti-Virus for the Enterprise (autrefois appel\u00e9 eTrust Antivirus) versions 7.1, r8 et r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA ARCserve client agent for Windows ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CA Secure Content Manager (autrefois appel\u00e9 eTrust Secure Content Manager) versions 8.0 et 8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus 2007 version v8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Spyware 2008 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Threat Manager for the Enterprise (autrefois appel\u00e9 eTrust Integrated Threat Management) versions r8 et r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2008 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA ARCserve Backup versions r11.1, r11.5 et r12 pour Windows ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "CA Network and Systems Management (autrefois appel\u00e9 Unicenter Network and Systems Management versions r3.0, r3.1, r11 et r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Common Services versions r11, r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Anti-Spyware for the Enterprise (autrefois appel\u00e9 eTrust PestPatrol) versions r8 et r8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2007 version v3 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA eTrust Intrusion Detection versions 2.0 SP1, 3.0, 3.0 SP1 et 4.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus 2008 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "eTrust EZ Antivirus versions r7 et r6.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA ARCserve Backup versions r11.1 et r11.5 pour Linux ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Protection Suites versions r2, r3 et r3.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus Gateway (autrefois appel\u00e9 eTrust Antivirus Gateway) version 7.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Anti-Spyware 2007 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Anti-Virus SDK (autrefois appel\u00e9 eTrust Anti-Virus SDK).",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le moteur de CA\nAnti-Virus. \u00c0 l\u0027aide d\u0027une archive sp\u00e9cifiquement constitu\u00e9e, un\nutilisateur malintentionn\u00e9 peut contourner le m\u00e9canisme de d\u00e9tection des\ncodes malveillants.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-0042",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0042"
}
],
"links": [],
"reference": "CERTA-2009-AVI-033",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2009-01-28T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eCA\nAnti-Virus\u003c/span\u003e permettent de contourner le m\u00e9canisme de d\u00e9tection des\ncodes malveillants.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans CA Anti-Virus",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 CA20090126-01 du 26 janvier 2009",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=197601"
}
]
}
CERTA-2008-AVI-517
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité dans de nombreux produits F-Secure permet l'exécution de code arbitraire à distance.
Description
Une vulnérabilité a été découverte lors du traitement des archives RPM par de nombreux produits F-Secure. Cette vulnérabilité n'est exploitable que si l'antivirus a été configuré pour analyser les fichiers contenus dans l'archive. Elle permet l'exécution de code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Internet Security | F-Secure Internet Security 2006 ; | ||
| ESET | Internet Security | F-Secure Internet Security 2007 Second Edition ; | ||
| ESET | Internet Security | F-Secure Internet Security 2007 ; | ||
| ESET | Security | F-Secure Client Security versions 7.12 et antérieures ; | ||
| N/A | N/A | F-Secure Antivirus 2007 Second Edition ; | ||
| N/A | N/A | produits basés sur F-Secure Protection Service for Consumers versions 8.00 et antérieures ; | ||
| ESET | Security | F-Secure Anti-Virus Client Security versions 5.54 et antérieures ; | ||
| N/A | N/A | produits basés sur F-Secure Protection Service for Business versions 3.10 et antérieures ; | ||
| ESET | Server Security | F-Secure Anti-Virus Linux Server Security versions 5.54 et antérieures ; | ||
| ESET | N/A | F-Secure Antivirus 2008 ; | ||
| N/A | N/A | F-Secure Anti-Virus for Linux Servers version 4.65. | ||
| ESET | N/A | F-Secure Anti-Virus for Workstations versions 7.11 et antérieures ; | ||
| Citrix | N/A | F-Secure Anti-Virus for Citrix Servers versions 7.00 et antérieures ; | ||
| N/A | N/A | F-Secure Antivirus 2007 ; | ||
| Microsoft | Windows | F-Secure Anti-Virus for Windows Servers versions 8.00 et antérieures ; | ||
| ESET | Security | F-Secure Linux Security versions 7.01 et antérieures ; | ||
| ESET | N/A | F-Secure Antivirus 2006 ; | ||
| ESET | Internet Security | F-Secure Internet Security 2008 ; | ||
| ESET | Server Security | F-Secure Home Server Security 2009 ; |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "F-Secure Internet Security 2006 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2007 Second Edition ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2007 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Client Security versions 7.12 et ant\u00e9rieures ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Antivirus 2007 Second Edition ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "produits bas\u00e9s sur F-Secure Protection Service for Consumers versions 8.00 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Client Security versions 5.54 et ant\u00e9rieures ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "produits bas\u00e9s sur F-Secure Protection Service for Business versions 3.10 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Linux Server Security versions 5.54 et ant\u00e9rieures ;",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Antivirus 2008 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Linux Servers version 4.65.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Workstations versions 7.11 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Citrix Servers versions 7.00 et ant\u00e9rieures ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "F-Secure Antivirus 2007 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Windows Servers versions 8.00 et ant\u00e9rieures ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Linux Security versions 7.01 et ant\u00e9rieures ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Antivirus 2006 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2008 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Home Server Security 2009 ;",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte lors du traitement des archives RPM\npar de nombreux produits F-Secure. Cette vuln\u00e9rabilit\u00e9 n\u0027est exploitable\nque si l\u0027antivirus a \u00e9t\u00e9 configur\u00e9 pour analyser les fichiers contenus\ndans l\u0027archive. Elle permet l\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"links": [],
"reference": "CERTA-2008-AVI-517",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-10-22T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans de nombreux produits \u003cspan\nclass=\"textit\"\u003eF-Secure\u003c/span\u003e permet l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les produits F-Secure",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F-Secure FSC-2008-3 du 21 octobre 2008",
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
}
]
}
CERTA-2008-AVI-401
Vulnerability from certfr_avis - Published: - Updated:
Plusieurs vulnérabilités ont été identifiées dans des produits de sécurité CA. Elles permettraient à des personnes locales d'exécuter du code arbitraire ou de perturber à distance le fonctionnement du service.
Description
Plusieurs vulnérabilités ont été identifiées dans des produits de sécurité CA. Elles permettraient à des personnes locales d'exécuter du code arbitraire ou de perturber à distance le fonctionnement du système. Ces vulnérabilités affectent le pilote kmxfw.sys.
Solution
Se référer aux bulletins de sécurité de CA pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | CA Host-Based Intrusion Prevention System r8 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2007 ; | ||
| ESET | Internet Security | CA Internet Security Suite 2008 ; | ||
| ESET | N/A | CA Personal Firewall 2008. | ||
| ESET | N/A | CA Personal Firewall 2007 ; |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CA Host-Based Intrusion Prevention System r8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2007 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Internet Security Suite 2008 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Personal Firewall 2008.",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CA Personal Firewall 2007 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans des produits de\ns\u00e9curit\u00e9 CA. Elles permettraient \u00e0 des personnes locales d\u0027ex\u00e9cuter du\ncode arbitraire ou de perturber \u00e0 distance le fonctionnement du syst\u00e8me.\nCes vuln\u00e9rabilit\u00e9s affectent le pilote kmxfw.sys.\n\n## Solution\n\nSe r\u00e9f\u00e9rer aux bulletins de s\u00e9curit\u00e9 de CA pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2008-2926",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-2926"
},
{
"name": "CVE-2008-3174",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3174"
}
],
"links": [
{
"title": "Avis de s\u00e9curit\u00e9 CA 36559 du 12 ao\u00fbt 2008 :",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
},
{
"title": "Avis de s\u00e9curit\u00e9 CA 36560 du 12 ao\u00fbt 2008 :",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560"
}
],
"reference": "CERTA-2008-AVI-401",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-08-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans des produits de\ns\u00e9curit\u00e9 CA. Elles permettraient \u00e0 des personnes locales d\u0027ex\u00e9cuter du\ncode arbitraire ou de perturber \u00e0 distance le fonctionnement du service.\n",
"title": "Plusieurs vuln\u00e9rabilit\u00e9s dans des produits CA",
"vendor_advisories": [
{
"published_at": null,
"title": "Avis de s\u00e9curit\u00e9 CA 36559 et 36560 du 11 ao\u00fbt 2008",
"url": null
}
]
}
CERTA-2008-AVI-085
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans la majorité des produits F-Secure. Cette vulnérabilité permet à un utilisateur malintentionné de passer outre le filtre de l'anti-virus.
Description
Une vulnérabilité a été découverte dans le traitement des fichiers au format RAR et CAB par les produits F-Secure. Cette vulnérabilité peut être exploitée via un fichier spécifiquement conçu et contourner ainsi le filtrage mis en place.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| ESET | Security | F-Secure Anti-Virus Client Security 7.01 ; | ||
| ESET | Internet Security | F-Secure Internet Security 2006 ; | ||
| ESET | Security | F-Secure Anti-Virus Linux Client Security 5.53 ; | ||
| ESET | Internet Security | F-Secure Internet Security 2007 Second Edition ; | ||
| Microsoft | Windows | F-Secure Anti-Virus for Windows Servers 7.00 ; | ||
| N/A | N/A | F-Secure Anti-Virus 2006 ; | ||
| N/A | N/A | F-Secure Anti-Virus for Workstations 5.44 ; | ||
| ESET | Internet Security | F-Secure Internet Security 2007 ; | ||
| ESET | Security | F-Secure Anti-Virus Client Security 6.02 ; | ||
| N/A | N/A | F-Secure Anti-Virus 2007, version 7.02 ; | ||
| ESET | Security | F-Secure Anti-Virus Client Security 6.03 ; | ||
| ESET | Security | F-Secure Anti-Virus Linux Client Security 5.52 ; | ||
| N/A | N/A | F-Secure Anti-Virus for MIMEsweeper 5.61 ; | ||
| Microsoft | N/A | F-Secure Anti-Virus for Microsoft Exchange 7.0 ; | ||
| N/A | N/A | F-Secure Anti-Virus for Workstations 7.10 ; | ||
| ESET | Security | F-Secure Messaging Security Gateway 4.0.7 and earlier. | ||
| Microsoft | Windows | F-Secure Internet Gatekeeper 6.61, Windows ; | ||
| N/A | N/A | F-Secure Anti-Virus for Linux 4.65 ; | ||
| ESET | Server Security | F-Secure Anti-Virus Linux Server Security 5.53 ; | ||
| ESET | Security | F-Secure Anti-Virus Client Security 7.10 ; | ||
| ESET | Server Security | F-Secure Anti-Virus Linux Server Security 5.52 ; | ||
| Microsoft | N/A | F-Secure Anti-Virus for Microsoft Exchange 6.62 ; | ||
| Citrix | N/A | F-Secure Anti-Virus for Citrix Servers 5.52 ; | ||
| N/A | N/A | F-Secure Protection Service for Consumers version 7.00 et versions précédentes ; | ||
| N/A | N/A | F-Secure Protection Service for Business version 3.00 et versions précédentes ; | ||
| N/A | N/A | F-Secure Anti-Virus 2007 ; | ||
| Microsoft | Windows | F-Secure Anti-Virus for Windows Servers 5.52 ; | ||
| N/A | N/A | F-Secure Internet Gatekeeper for Linux 2.16 ; | ||
| ESET | Internet Security | F-Secure Internet Security 2008 ; | ||
| N/A | N/A | F-Secure Anti-Virus for Workstations 7.00 ; | ||
| N/A | N/A | F-Secure Anti-Virus 2008 ; |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "F-Secure Anti-Virus Client Security 7.01 ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2006 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Linux Client Security 5.53 ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2007 Second Edition ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Windows Servers 7.00 ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus 2006 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Workstations 5.44 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2007 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Client Security 6.02 ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus 2007, version 7.02 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Client Security 6.03 ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Linux Client Security 5.52 ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for MIMEsweeper 5.61 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Microsoft Exchange 7.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Workstations 7.10 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Messaging Security Gateway 4.0.7 and earlier.",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Internet Gatekeeper 6.61, Windows ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Linux 4.65 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Linux Server Security 5.53 ;",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Client Security 7.10 ;",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus Linux Server Security 5.52 ;",
"product": {
"name": "Server Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Microsoft Exchange 6.62 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Citrix Servers 5.52 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Citrix",
"scada": false
}
}
},
{
"description": "F-Secure Protection Service for Consumers version 7.00 et versions pr\u00e9c\u00e9dentes ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Protection Service for Business version 3.00 et versions pr\u00e9c\u00e9dentes ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus 2007 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Windows Servers 5.52 ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "F-Secure Internet Gatekeeper for Linux 2.16 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Internet Security 2008 ;",
"product": {
"name": "Internet Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus for Workstations 7.00 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "F-Secure Anti-Virus 2008 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le traitement des fichiers au\nformat RAR et CAB par les produits F-Secure. Cette vuln\u00e9rabilit\u00e9 peut\n\u00eatre exploit\u00e9e via un fichier sp\u00e9cifiquement con\u00e7u et contourner ainsi\nle filtrage mis en place.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 F-Secure num\u00e9ro FSC-2008-1 du 13 f\u00e9vrier 2008 :",
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
}
],
"reference": "CERTA-2008-AVI-085",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2008-02-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans la majorit\u00e9 des produits\nF-Secure. Cette vuln\u00e9rabilit\u00e9 permet \u00e0 un utilisateur malintentionn\u00e9 de\npasser outre le filtre de l\u0027anti-virus.\n",
"title": "Vuln\u00e9rabilit\u00e9 des produits F-Secure",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F-Secure num\u00e9ro FSC-2008-1 du 13 f\u00e9vrier 2008",
"url": null
}
]
}