All the vulnerabilites related to f-secure - f-secure_anti-virus
cve-2004-1762
Vulnerability from cvelistv5
Published
2005-03-10 05:00
Modified
2024-08-08 01:00
Severity ?
EPSS score ?
Summary
Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/15432 | vdb-entry, x_refsource_XF | |
| http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/415734 | third-party-advisory, x_refsource_CERT-VN | |
| http://secunia.com/advisories/11089 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fsecure-antivirus-protection-bypass(15432)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15432"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"name": "VU#415734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/415734"
},
{
"name": "11089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fsecure-antivirus-protection-bypass(15432)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15432"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"name": "VU#415734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/415734"
},
{
"name": "11089",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fsecure-antivirus-protection-bypass(15432)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15432"
},
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"name": "VU#415734",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/415734"
},
{
"name": "11089",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1762",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-2405
Vulnerability from cvelistv5
Published
2005-08-18 04:00
Modified
2024-08-08 01:29
Severity ?
EPSS score ?
Summary
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.f-secure.com/security/fsc-2004-1.shtml | x_refsource_CONFIRM | |
| http://secunia.com/advisories/11712 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16258 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:12.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2004-1.shtml"
},
{
"name": "11712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11712"
},
{
"name": "fsecure-lha-archive-bo(16258)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16258"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2004-1.shtml"
},
{
"name": "11712",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11712"
},
{
"name": "fsecure-lha-archive-bo(16258)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16258"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2405",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.f-secure.com/security/fsc-2004-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2004-1.shtml"
},
{
"name": "11712",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11712"
},
{
"name": "fsecure-lha-archive-bo(16258)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16258"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2405",
"datePublished": "2005-08-18T04:00:00",
"dateReserved": "2005-08-18T00:00:00",
"dateUpdated": "2024-08-08T01:29:12.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-2442
Vulnerability from cvelistv5
Published
2005-08-20 04:00
Modified
2024-08-08 01:29
Severity ?
EPSS score ?
Summary
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/13263/ | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ciac.org/ciac/bulletins/p-041.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| http://www.kb.cert.org/vuls/id/968818 | third-party-advisory, x_refsource_CERT-VN | |
| http://www.f-secure.com/security/fsc-2004-3.shtml | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/11732 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/18217 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:13.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "13263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13263/"
},
{
"name": "P-041",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-041.shtml"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2004-3.shtml"
},
{
"name": "11732",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11732"
},
{
"name": "fsecure-zip-scan-bypass(18217)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18217"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "13263",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13263/"
},
{
"name": "P-041",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-041.shtml"
},
{
"name": "VU#968818",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2004-3.shtml"
},
{
"name": "11732",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11732"
},
{
"name": "fsecure-zip-scan-bypass(18217)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18217"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "13263",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13263/"
},
{
"name": "P-041",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-041.shtml"
},
{
"name": "VU#968818",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"name": "http://www.f-secure.com/security/fsc-2004-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2004-3.shtml"
},
{
"name": "11732",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11732"
},
{
"name": "fsecure-zip-scan-bypass(18217)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18217"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2442",
"datePublished": "2005-08-20T04:00:00",
"dateReserved": "2005-08-20T00:00:00",
"dateUpdated": "2024-08-08T01:29:13.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1425
Vulnerability from cvelistv5
Published
2010-04-15 21:12
Modified
2024-09-17 02:41
Severity ?
EPSS score ?
Summary
F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1023841 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1023842 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1023843 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/39396 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/0855 | vdb-entry, x_refsource_VUPEN | |
| http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1023841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-15T21:12:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1023841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1023841",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"name": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1425",
"datePublished": "2010-04-15T21:12:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-17T02:41:53.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6409
Vulnerability from cvelistv5
Published
2006-12-10 02:00
Modified
2024-08-07 20:26
Severity ?
EPSS score ?
Summary
F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/21461 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/453654/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.quantenblog.net/security/virus-scanner-bypass | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6409",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21461"
},
{
"name": "20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"name": "http://www.quantenblog.net/security/virus-scanner-bypass",
"refsource": "MISC",
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6409",
"datePublished": "2006-12-10T02:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1443
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80472 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/52612 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/80467 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80461 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80470 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80460 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80468 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80456 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80457 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80458 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80454 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80455 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80459 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80469 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80471 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80471"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80472",
"refsource": "OSVDB",
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"refsource": "OSVDB",
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"refsource": "OSVDB",
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"refsource": "OSVDB",
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"refsource": "OSVDB",
"url": "http://osvdb.org/80460"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"refsource": "OSVDB",
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"refsource": "OSVDB",
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"refsource": "OSVDB",
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"refsource": "OSVDB",
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"refsource": "OSVDB",
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"refsource": "OSVDB",
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"refsource": "OSVDB",
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"refsource": "OSVDB",
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"refsource": "OSVDB",
"url": "http://osvdb.org/80471"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1443",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3468
Vulnerability from cvelistv5
Published
2005-11-02 23:00
Modified
2024-08-07 23:10
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1015143 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1015142 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/15284 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/17361 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.f-secure.com/security/fsc-2005-2.shtml | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2005/2277 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:10:08.686Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015143",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015143"
},
{
"name": "1015142",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015142"
},
{
"name": "15284",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15284"
},
{
"name": "17361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17361"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2005-2.shtml"
},
{
"name": "ADV-2005-2277",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2277"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-12-20T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015143",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015143"
},
{
"name": "1015142",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015142"
},
{
"name": "15284",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15284"
},
{
"name": "17361",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17361"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2005-2.shtml"
},
{
"name": "ADV-2005-2277",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2277"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015143",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015143"
},
{
"name": "1015142",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015142"
},
{
"name": "15284",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15284"
},
{
"name": "17361",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17361"
},
{
"name": "http://www.f-secure.com/security/fsc-2005-2.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2005-2.shtml"
},
{
"name": "ADV-2005-2277",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2277"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3468",
"datePublished": "2005-11-02T23:00:00",
"dateReserved": "2005-11-02T00:00:00",
"dateUpdated": "2024-08-07T23:10:08.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-0350
Vulnerability from cvelistv5
Published
2005-02-11 05:00
Modified
2024-08-07 21:13
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://xforce.iss.net/xforce/alerts/id/188 | third-party-advisory, x_refsource_ISS | |
| http://www.f-secure.com/security/fsc-2005-1.shtml | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:53.456Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050210 F-Secure AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://xforce.iss.net/xforce/alerts/id/188"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2005-1.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-15T16:38:04",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050210 F-Secure AntiVirus Library Heap Overflow",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://xforce.iss.net/xforce/alerts/id/188"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2005-1.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0350",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050210 F-Secure AntiVirus Library Heap Overflow",
"refsource": "ISS",
"url": "http://xforce.iss.net/xforce/alerts/id/188"
},
{
"name": "http://www.f-secure.com/security/fsc-2005-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2005-1.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0350",
"datePublished": "2005-02-11T05:00:00",
"dateReserved": "2005-02-11T00:00:00",
"dateUpdated": "2024-08-07T21:13:53.456Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2966
Vulnerability from cvelistv5
Published
2007-05-31 23:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/25426 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1018148 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1018147 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1018146 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/1985 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/470256/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.f-secure.com/security/fsc-2007-1.shtml | x_refsource_CONFIRM | |
| http://osvdb.org/36724 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/24235 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34575 | vdb-entry, x_refsource_XF | |
| http://www.nruns.com/security_advisory_fsecure_lzh.php | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25426"
},
{
"name": "1018148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018147",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018147"
},
{
"name": "1018146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name": "ADV-2007-1985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "20070601 n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470256/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2007-1.shtml"
},
{
"name": "36724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36724"
},
{
"name": "24235",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24235"
},
{
"name": "fsecure-lzh-bo(34575)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34575"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/security_advisory_fsecure_lzh.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25426",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25426"
},
{
"name": "1018148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018147",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018147"
},
{
"name": "1018146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name": "ADV-2007-1985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "20070601 n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470256/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2007-1.shtml"
},
{
"name": "36724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36724"
},
{
"name": "24235",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24235"
},
{
"name": "fsecure-lzh-bo(34575)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34575"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/security_advisory_fsecure_lzh.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2966",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25426",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25426"
},
{
"name": "1018148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018147",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018147"
},
{
"name": "1018146",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name": "ADV-2007-1985",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "20070601 n.runs-SA-2007.013 - F-Secure Antivirus LZH parsing BufferOverflow Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470256/100/0/threaded"
},
{
"name": "http://www.f-secure.com/security/fsc-2007-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2007-1.shtml"
},
{
"name": "36724",
"refsource": "OSVDB",
"url": "http://osvdb.org/36724"
},
{
"name": "24235",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24235"
},
{
"name": "fsecure-lzh-bo(34575)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34575"
},
{
"name": "http://www.nruns.com/security_advisory_fsecure_lzh.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_fsecure_lzh.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2966",
"datePublished": "2007-05-31T23:00:00",
"dateReserved": "2007-05-31T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0830
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:31
Severity ?
EPSS score ?
Summary
The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.
References
| ▼ | URL | Tags |
|---|---|---|
| http://marc.info/?l=bugtraq&m=109483205925698&w=2 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.idefense.com/application/poi/display?id=137&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.f-secure.com/security/fsc-2004-2.shtml | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/11145 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17307 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:31:47.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040910 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109483205925698\u0026w=2"
},
{
"name": "20040909 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=137\u0026type=vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2004-2.shtml"
},
{
"name": "11145",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11145"
},
{
"name": "fsecure-content-scanner-dos(17307)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17307"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040910 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=109483205925698\u0026w=2"
},
{
"name": "20040909 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=137\u0026type=vulnerabilities"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2004-2.shtml"
},
{
"name": "11145",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11145"
},
{
"name": "fsecure-content-scanner-dos(17307)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17307"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040910 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=109483205925698\u0026w=2"
},
{
"name": "20040909 F-Secure Internet Gatekeeper Content Scanning Server Denial of Service Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=137\u0026type=vulnerabilities"
},
{
"name": "http://www.f-secure.com/security/fsc-2004-2.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2004-2.shtml"
},
{
"name": "11145",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11145"
},
{
"name": "fsecure-content-scanner-dos(17307)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17307"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0830",
"datePublished": "2004-09-24T04:00:00",
"dateReserved": "2004-09-07T00:00:00",
"dateUpdated": "2024-08-08T00:31:47.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0338
Vulnerability from cvelistv5
Published
2006-01-21 00:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.f-secure.com/security/fsc-2006-1.shtml | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24199 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1015510 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/18529 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/22633 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1015509 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/16309 | vdb-entry, x_refsource_BID | |
| http://www.ciac.org/ciac/bulletins/q-103.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| http://securitytracker.com/id?1015508 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1015507 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/0257 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"name": "fsecure-rar-zip-scan-bypass(24199)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24199"
},
{
"name": "1015510",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015510"
},
{
"name": "18529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18529"
},
{
"name": "22633",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22633"
},
{
"name": "1015509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015509"
},
{
"name": "16309",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16309"
},
{
"name": "Q-103",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"name": "1015508",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015508"
},
{
"name": "1015507",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015507"
},
{
"name": "ADV-2006-0257",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"name": "fsecure-rar-zip-scan-bypass(24199)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24199"
},
{
"name": "1015510",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015510"
},
{
"name": "18529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18529"
},
{
"name": "22633",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22633"
},
{
"name": "1015509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015509"
},
{
"name": "16309",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16309"
},
{
"name": "Q-103",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"name": "1015508",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015508"
},
{
"name": "1015507",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015507"
},
{
"name": "ADV-2006-0257",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0257"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0338",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.f-secure.com/security/fsc-2006-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"name": "fsecure-rar-zip-scan-bypass(24199)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24199"
},
{
"name": "1015510",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015510"
},
{
"name": "18529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18529"
},
{
"name": "22633",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22633"
},
{
"name": "1015509",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015509"
},
{
"name": "16309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16309"
},
{
"name": "Q-103",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"name": "1015508",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015508"
},
{
"name": "1015507",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015507"
},
{
"name": "ADV-2006-0257",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0257"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0338",
"datePublished": "2006-01-21T00:00:00",
"dateReserved": "2006-01-20T00:00:00",
"dateUpdated": "2024-08-07T16:34:14.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1412
Vulnerability from cvelistv5
Published
2008-03-20 10:00
Modified
2024-08-07 08:24
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
References
| ▼ | URL | Tags |
|---|---|---|
| http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml | x_refsource_CONFIRM | |
| http://www.f-secure.com/security/fsc-2008-2.shtml | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41234 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/0903/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/28282 | vdb-entry, x_refsource_BID | |
| http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html | x_refsource_MISC | |
| http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1019620 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1019619 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1019618 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/ | x_refsource_MISC | |
| http://secunia.com/advisories/29397 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:41.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28282"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019618"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28282"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019618"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-2.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28282"
},
{
"name": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html",
"refsource": "MISC",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019618"
},
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1412",
"datePublished": "2008-03-20T10:00:00",
"dateReserved": "2008-03-19T00:00:00",
"dateUpdated": "2024-08-07T08:24:41.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2967
Vulnerability from cvelistv5
Published
2007-05-31 23:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36725",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36725"
},
{
"name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/security_advisory_fsecure_arj.php"
},
{
"name": "1018148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018147",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018147"
},
{
"name": "1018146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470484/100/0/threaded"
},
{
"name": "ADV-2007-1985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nruns.com/security_advisory_fsecure_fsg.php"
},
{
"name": "36726",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36726"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2007-3.shtml"
},
{
"name": "25440",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25440"
},
{
"name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/470462/100/0/threaded"
},
{
"name": "fsecure-unspecified-archive-dos(34581)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34581"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36725",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36725"
},
{
"name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/security_advisory_fsecure_arj.php"
},
{
"name": "1018148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018147",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018147"
},
{
"name": "1018146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470484/100/0/threaded"
},
{
"name": "ADV-2007-1985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nruns.com/security_advisory_fsecure_fsg.php"
},
{
"name": "36726",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36726"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2007-3.shtml"
},
{
"name": "25440",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25440"
},
{
"name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/470462/100/0/threaded"
},
{
"name": "fsecure-unspecified-archive-dos(34581)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34581"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36725",
"refsource": "OSVDB",
"url": "http://osvdb.org/36725"
},
{
"name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html"
},
{
"name": "http://www.nruns.com/security_advisory_fsecure_arj.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_fsecure_arj.php"
},
{
"name": "1018148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018147",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018147"
},
{
"name": "1018146",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470484/100/0/threaded"
},
{
"name": "ADV-2007-1985",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html"
},
{
"name": "http://www.nruns.com/security_advisory_fsecure_fsg.php",
"refsource": "MISC",
"url": "http://www.nruns.com/security_advisory_fsecure_fsg.php"
},
{
"name": "36726",
"refsource": "OSVDB",
"url": "http://osvdb.org/36726"
},
{
"name": "http://www.f-secure.com/security/fsc-2007-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2007-3.shtml"
},
{
"name": "25440",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25440"
},
{
"name": "20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/470462/100/0/threaded"
},
{
"name": "fsecure-unspecified-archive-dos(34581)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34581"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2967",
"datePublished": "2007-05-31T23:00:00",
"dateReserved": "2007-05-31T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1461
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/80502 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/52626 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80504 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80506 | vdb-entry, x_refsource_OSVDB | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80500 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80505 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80501 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80503 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80510 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80510"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80510"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80502",
"refsource": "OSVDB",
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"refsource": "OSVDB",
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"refsource": "OSVDB",
"url": "http://osvdb.org/80506"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"refsource": "OSVDB",
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"refsource": "OSVDB",
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"refsource": "OSVDB",
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"refsource": "OSVDB",
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"refsource": "OSVDB",
"url": "http://osvdb.org/80510"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1461",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0235
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0235",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2004:840",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "FEDORA-2004-119",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "10243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "lha-directory-traversal(16013)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"name": "RHSA-2004:179",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "FLSA:1833",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "oval:org.mitre.oval:def:978",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"name": "oval:org.mitre.oval:def:10409",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0235",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-2220
Vulnerability from cvelistv5
Published
2005-07-17 04:00
Modified
2024-08-08 01:22
Severity ?
EPSS score ?
Summary
F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1012057 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/13067 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/11600 | vdb-entry, x_refsource_BID | |
| ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt | x_refsource_CONFIRM | |
| http://www.osvdb.org/11395 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17944 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.679Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1012057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1012057"
},
{
"name": "13067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/13067"
},
{
"name": "11600",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11600"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt"
},
{
"name": "11395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/11395"
},
{
"name": "fsecure-password-antivirus-bypass(17944)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17944"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1012057",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1012057"
},
{
"name": "13067",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/13067"
},
{
"name": "11600",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11600"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt"
},
{
"name": "11395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/11395"
},
{
"name": "fsecure-password-antivirus-bypass(17944)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17944"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1012057",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1012057"
},
{
"name": "13067",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/13067"
},
{
"name": "11600",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11600"
},
{
"name": "ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt",
"refsource": "CONFIRM",
"url": "ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt"
},
{
"name": "11395",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/11395"
},
{
"name": "fsecure-password-antivirus-bypass(17944)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17944"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2220",
"datePublished": "2005-07-17T04:00:00",
"dateReserved": "2005-07-17T00:00:00",
"dateUpdated": "2024-08-08T01:22:13.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5143
Vulnerability from cvelistv5
Published
2007-10-01 00:00
Modified
2024-08-07 15:24
Severity ?
EPSS score ?
Summary
F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36833 | vdb-entry, x_refsource_XF | |
| http://www.f-secure.com/security/fsc-2007-6.shtml | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/25824 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1018745 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/41377 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2007/3277 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/26948 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:40.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fsecure-executables-security-bypass(36833)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36833"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2007-6.shtml"
},
{
"name": "25824",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25824"
},
{
"name": "1018745",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018745"
},
{
"name": "41377",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41377"
},
{
"name": "ADV-2007-3277",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3277"
},
{
"name": "26948",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26948"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fsecure-executables-security-bypass(36833)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36833"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2007-6.shtml"
},
{
"name": "25824",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25824"
},
{
"name": "1018745",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018745"
},
{
"name": "41377",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41377"
},
{
"name": "ADV-2007-3277",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3277"
},
{
"name": "26948",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26948"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fsecure-executables-security-bypass(36833)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36833"
},
{
"name": "http://www.f-secure.com/security/fsc-2007-6.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2007-6.shtml"
},
{
"name": "25824",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25824"
},
{
"name": "1018745",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018745"
},
{
"name": "41377",
"refsource": "OSVDB",
"url": "http://osvdb.org/41377"
},
{
"name": "ADV-2007-3277",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3277"
},
{
"name": "26948",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26948"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5143",
"datePublished": "2007-10-01T00:00:00",
"dateReserved": "2007-09-30T00:00:00",
"dateUpdated": "2024-08-07T15:24:40.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3664
Vulnerability from cvelistv5
Published
2005-11-18 11:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/17130 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/19913 | vdb-entry, x_refsource_OSVDB | |
| http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.osvdb.org/19912 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/22564 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/15054 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/17144 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "17130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17130"
},
{
"name": "19913",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19913"
},
{
"name": "20051010 Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"name": "19912",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/19912"
},
{
"name": "kaspersky-fsecure-chm-bo(22564)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"name": "15054",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15054"
},
{
"name": "17144",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17144"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "17130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17130"
},
{
"name": "19913",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19913"
},
{
"name": "20051010 Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"name": "19912",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/19912"
},
{
"name": "kaspersky-fsecure-chm-bo(22564)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"name": "15054",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15054"
},
{
"name": "17144",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17144"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3664",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "17130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17130"
},
{
"name": "19913",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19913"
},
{
"name": "20051010 Kaspersky Anti-Virus Engine CHM File Parser Buffer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"name": "19912",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/19912"
},
{
"name": "kaspersky-fsecure-chm-bo(22564)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"name": "15054",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15054"
},
{
"name": "17144",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17144"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3664",
"datePublished": "2005-11-18T11:00:00",
"dateReserved": "2005-11-18T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.391Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1557
Vulnerability from cvelistv5
Published
2007-03-21 01:00
Modified
2024-08-07 12:59
Severity ?
EPSS score ?
Summary
Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/23023 | vdb-entry, x_refsource_BID | |
| http://www.layereddefense.com/F-SecureMar18.html | x_refsource_MISC | |
| http://www.vupen.com/english/advisories/2007/1055 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/463190/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/2472 | third-party-advisory, x_refsource_SREASON | |
| http://osvdb.org/34764 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:59:08.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "23023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23023"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.layereddefense.com/F-SecureMar18.html"
},
{
"name": "ADV-2007-1055",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1055"
},
{
"name": "20070319 Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/463190/100/0/threaded"
},
{
"name": "2472",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2472"
},
{
"name": "34764",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34764"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "23023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23023"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.layereddefense.com/F-SecureMar18.html"
},
{
"name": "ADV-2007-1055",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1055"
},
{
"name": "20070319 Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/463190/100/0/threaded"
},
{
"name": "2472",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2472"
},
{
"name": "34764",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34764"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "23023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23023"
},
{
"name": "http://www.layereddefense.com/F-SecureMar18.html",
"refsource": "MISC",
"url": "http://www.layereddefense.com/F-SecureMar18.html"
},
{
"name": "ADV-2007-1055",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1055"
},
{
"name": "20070319 Layered Defense Research Advisory: F-Secure Anti-Virus Client Security 6.02 Format String Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/463190/100/0/threaded"
},
{
"name": "2472",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2472"
},
{
"name": "34764",
"refsource": "OSVDB",
"url": "http://osvdb.org/34764"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1557",
"datePublished": "2007-03-21T01:00:00",
"dateReserved": "2007-03-20T00:00:00",
"dateUpdated": "2024-08-07T12:59:08.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1442
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80427 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/52598 | vdb-entry, x_refsource_BID | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80428 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/80426 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52598"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52598"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"refsource": "OSVDB",
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52598"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"refsource": "OSVDB",
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1442",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0910
Vulnerability from cvelistv5
Published
2008-02-22 22:00
Modified
2024-08-07 08:01
Severity ?
EPSS score ?
Summary
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/40480 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1019405 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1019412 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/28919 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.f-secure.com/security/fsc-2008-1.shtml | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1019413 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/0544/references | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:40.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fsecure-cab-rar-security-bypass(40480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"name": "1019405",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019405"
},
{
"name": "1019412",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019412"
},
{
"name": "28919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28919"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"name": "1019413",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019413"
},
{
"name": "ADV-2008-0544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fsecure-cab-rar-security-bypass(40480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"name": "1019405",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019405"
},
{
"name": "1019412",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019412"
},
{
"name": "28919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28919"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"name": "1019413",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019413"
},
{
"name": "ADV-2008-0544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0910",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fsecure-cab-rar-security-bypass(40480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"name": "1019405",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019405"
},
{
"name": "1019412",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019412"
},
{
"name": "28919",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28919"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"name": "1019413",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019413"
},
{
"name": "ADV-2008-0544",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0910",
"datePublished": "2008-02-22T22:00:00",
"dateReserved": "2008-02-22T00:00:00",
"dateUpdated": "2024-08-07T08:01:40.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-2838
Vulnerability from cvelistv5
Published
2006-06-06 20:03
Modified
2024-08-07 18:06
Severity ?
EPSS score ?
Summary
Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016197 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1016196 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/2076 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/26799 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/20407 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.f-secure.com/security/fsc-2006-3.shtml | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:06:26.855Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016197",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016197"
},
{
"name": "1016196",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016196"
},
{
"name": "ADV-2006-2076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2076"
},
{
"name": "fsecure-webconsole-bo(26799)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26799"
},
{
"name": "20407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20407"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2006-3.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016197",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016197"
},
{
"name": "1016196",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016196"
},
{
"name": "ADV-2006-2076",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2076"
},
{
"name": "fsecure-webconsole-bo(26799)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26799"
},
{
"name": "20407",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20407"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2006-3.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2838",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016197",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016197"
},
{
"name": "1016196",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016196"
},
{
"name": "ADV-2006-2076",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2076"
},
{
"name": "fsecure-webconsole-bo(26799)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26799"
},
{
"name": "20407",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20407"
},
{
"name": "http://www.f-secure.com/security/fsc-2006-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2006-3.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2838",
"datePublished": "2006-06-06T20:03:00",
"dateReserved": "2006-06-05T00:00:00",
"dateUpdated": "2024-08-07T18:06:26.855Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1431
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-09-17 03:27
Severity ?
EPSS score ?
Summary
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-03-21T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1431",
"datePublished": "2012-03-21T10:00:00Z",
"dateReserved": "2012-02-29T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:21.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1459
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"refsource": "OSVDB",
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"refsource": "OSVDB",
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"refsource": "OSVDB",
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1459",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0792
Vulnerability from cvelistv5
Published
2008-02-15 01:00
Modified
2024-08-07 08:01
Severity ?
EPSS score ?
Summary
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/40480 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1019405 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1019412 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/28919 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.f-secure.com/security/fsc-2008-1.shtml | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1019413 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/0544/references | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:01:39.251Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "fsecure-cab-rar-security-bypass(40480)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"name": "1019405",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019405"
},
{
"name": "1019412",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019412"
},
{
"name": "28919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28919"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"name": "1019413",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019413"
},
{
"name": "ADV-2008-0544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "fsecure-cab-rar-security-bypass(40480)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"name": "1019405",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019405"
},
{
"name": "1019412",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019412"
},
{
"name": "28919",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28919"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"name": "1019413",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019413"
},
{
"name": "ADV-2008-0544",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0792",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "fsecure-cab-rar-security-bypass(40480)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"name": "1019405",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019405"
},
{
"name": "1019412",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019412"
},
{
"name": "28919",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28919"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"name": "1019413",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019413"
},
{
"name": "ADV-2008-0544",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0792",
"datePublished": "2008-02-15T01:00:00",
"dateReserved": "2008-02-14T00:00:00",
"dateUpdated": "2024-08-07T08:01:39.251Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3546
Vulnerability from cvelistv5
Published
2005-11-16 07:37
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015160",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015160"
},
{
"name": "20546",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20546"
},
{
"name": "20543",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20543"
},
{
"name": "20538",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20538"
},
{
"name": "20540",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20540"
},
{
"name": "20549",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20549"
},
{
"name": "17467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17467"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2005-3.shtml"
},
{
"name": "20544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20544"
},
{
"name": "20547",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20547"
},
{
"name": "ADV-2005-2331",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2331"
},
{
"name": "20550",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20550"
},
{
"name": "20541",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20541"
},
{
"name": "20551",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20551"
},
{
"name": "20537",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20537"
},
{
"name": "1015159",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015159"
},
{
"name": "20545",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20545"
},
{
"name": "20513",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20513"
},
{
"name": "20552",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20552"
},
{
"name": "fsecure-scripts-root-privileges(22966)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22966"
},
{
"name": "20539",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20539"
},
{
"name": "20548",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20548"
},
{
"name": "15339",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15339"
},
{
"name": "20542",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/20542"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015160",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015160"
},
{
"name": "20546",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20546"
},
{
"name": "20543",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20543"
},
{
"name": "20538",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20538"
},
{
"name": "20540",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20540"
},
{
"name": "20549",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20549"
},
{
"name": "17467",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17467"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2005-3.shtml"
},
{
"name": "20544",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20544"
},
{
"name": "20547",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20547"
},
{
"name": "ADV-2005-2331",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2331"
},
{
"name": "20550",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20550"
},
{
"name": "20541",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20541"
},
{
"name": "20551",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20551"
},
{
"name": "20537",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20537"
},
{
"name": "1015159",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015159"
},
{
"name": "20545",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20545"
},
{
"name": "20513",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20513"
},
{
"name": "20552",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20552"
},
{
"name": "fsecure-scripts-root-privileges(22966)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22966"
},
{
"name": "20539",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20539"
},
{
"name": "20548",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20548"
},
{
"name": "15339",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15339"
},
{
"name": "20542",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/20542"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015160",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015160"
},
{
"name": "20546",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20546"
},
{
"name": "20543",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20543"
},
{
"name": "20538",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20538"
},
{
"name": "20540",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20540"
},
{
"name": "20549",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20549"
},
{
"name": "17467",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17467"
},
{
"name": "http://www.f-secure.com/security/fsc-2005-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2005-3.shtml"
},
{
"name": "20544",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20544"
},
{
"name": "20547",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20547"
},
{
"name": "ADV-2005-2331",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2331"
},
{
"name": "20550",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20550"
},
{
"name": "20541",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20541"
},
{
"name": "20551",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20551"
},
{
"name": "20537",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20537"
},
{
"name": "1015159",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015159"
},
{
"name": "20545",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20545"
},
{
"name": "20513",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20513"
},
{
"name": "20552",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20552"
},
{
"name": "fsecure-scripts-root-privileges(22966)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22966"
},
{
"name": "20539",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20539"
},
{
"name": "20548",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20548"
},
{
"name": "15339",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15339"
},
{
"name": "20542",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/20542"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3546",
"datePublished": "2005-11-16T07:37:00",
"dateReserved": "2005-11-16T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.308Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6085
Vulnerability from cvelistv5
Published
2009-02-06 11:00
Modified
2024-08-07 11:20
Severity ?
EPSS score ?
Summary
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31846 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1021073 | vdb-entry, x_refsource_SECTRACK | |
| http://www.f-secure.com/security/fsc-2008-3.shtml | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32352 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2874 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46016 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021073"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6085",
"datePublished": "2009-02-06T11:00:00",
"dateReserved": "2009-02-05T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-0234
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.930Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015866",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0234",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015866",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015866"
},
{
"name": "CLA-2004:840",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"name": "5753",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5753"
},
{
"name": "oval:org.mitre.oval:def:977",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"name": "FEDORA-2004-119",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"name": "10243",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10243"
},
{
"name": "ADV-2006-1220",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"name": "20040501 LHa buffer overflows and directory traversal problems",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"name": "19514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19514"
},
{
"name": "5754",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/5754"
},
{
"name": "RHSA-2004:179",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"name": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt",
"refsource": "MISC",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"name": "FLSA:1833",
"refsource": "FEDORA",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"name": "DSA-515",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"name": "oval:org.mitre.oval:def:9881",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"name": "GLSA-200405-02",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"name": "RHSA-2004:178",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"name": "lha-multiple-bo(16012)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"name": "20040502 Lha local stack overflow Proof Of Concept Code",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0234",
"datePublished": "2004-05-05T04:00:00",
"dateReserved": "2004-03-17T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-2965
Vulnerability from cvelistv5
Published
2007-05-31 23:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1018148 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1018146 | vdb-entry, x_refsource_SECTRACK | |
| http://www.f-secure.com/security/fsc-2007-2.shtml | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34579 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2007/1985 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/36727 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/25439 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:57:54.743Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1018148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018146"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2007-2.shtml"
},
{
"name": "fsecure-realtime-privilege-escalation(34579)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34579"
},
{
"name": "ADV-2007-1985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "36727",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36727"
},
{
"name": "25439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25439"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-05-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and \"access validation of the address space.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1018148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018146",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018146"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2007-2.shtml"
},
{
"name": "fsecure-realtime-privilege-escalation(34579)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34579"
},
{
"name": "ADV-2007-1985",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "36727",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36727"
},
{
"name": "25439",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25439"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and \"access validation of the address space.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1018148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"name": "1018146",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"name": "http://www.f-secure.com/security/fsc-2007-2.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2007-2.shtml"
},
{
"name": "fsecure-realtime-privilege-escalation(34579)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34579"
},
{
"name": "ADV-2007-1985",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"name": "36727",
"refsource": "OSVDB",
"url": "http://osvdb.org/36727"
},
{
"name": "25439",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25439"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2965",
"datePublished": "2007-05-31T23:00:00",
"dateReserved": "2007-05-31T00:00:00",
"dateUpdated": "2024-08-07T13:57:54.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3490
Vulnerability from cvelistv5
Published
2006-07-10 22:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/20858 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27502 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1016400 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/18693 | vdb-entry, x_refsource_BID | |
| http://www.f-secure.com/security/fsc-2006-4.shtml | x_refsource_CONFIRM | |
| http://www.osvdb.org/26876 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1016401 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/2573 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20858"
},
{
"name": "fsecure-scannetworkdrives-security-bypass(27502)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27502"
},
{
"name": "1016400",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016400"
},
{
"name": "18693",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18693"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"name": "26876",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26876"
},
{
"name": "1016401",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016401"
},
{
"name": "ADV-2006-2573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2573"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when \"Scan network drives\" is disabled, which allows remote attackers to bypass anti-virus controls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20858"
},
{
"name": "fsecure-scannetworkdrives-security-bypass(27502)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27502"
},
{
"name": "1016400",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016400"
},
{
"name": "18693",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18693"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"name": "26876",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26876"
},
{
"name": "1016401",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016401"
},
{
"name": "ADV-2006-2573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2573"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3490",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when \"Scan network drives\" is disabled, which allows remote attackers to bypass anti-virus controls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20858"
},
{
"name": "fsecure-scannetworkdrives-security-bypass(27502)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27502"
},
{
"name": "1016400",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016400"
},
{
"name": "18693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18693"
},
{
"name": "http://www.f-secure.com/security/fsc-2006-4.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"name": "26876",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26876"
},
{
"name": "1016401",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016401"
},
{
"name": "ADV-2006-2573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2573"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3490",
"datePublished": "2006-07-10T22:00:00",
"dateReserved": "2006-07-10T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2004-2276
Vulnerability from cvelistv5
Published
2005-07-19 04:00
Modified
2024-08-08 01:22
Severity ?
EPSS score ?
Summary
F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/11699 | third-party-advisory, x_refsource_SECUNIA | |
| http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml | x_refsource_CONFIRM | |
| http://support.f-secure.de/ger/home/downloads/hotfixes/av5-hotfixes.shtml | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16243 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/6409 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:22:13.545Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11699"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.de/ger/home/downloads/hotfixes/av5-hotfixes.shtml"
},
{
"name": "fsecure-sober-detection-bypass(16243)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16243"
},
{
"name": "6409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6409"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11699"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.de/ger/home/downloads/hotfixes/av5-hotfixes.shtml"
},
{
"name": "fsecure-sober-detection-bypass(16243)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16243"
},
{
"name": "6409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6409"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11699"
},
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"name": "http://support.f-secure.de/ger/home/downloads/hotfixes/av5-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.de/ger/home/downloads/hotfixes/av5-hotfixes.shtml"
},
{
"name": "fsecure-sober-detection-bypass(16243)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16243"
},
{
"name": "6409",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6409"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2276",
"datePublished": "2005-07-19T04:00:00",
"dateReserved": "2005-07-19T00:00:00",
"dateUpdated": "2024-08-08T01:22:13.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3489
Vulnerability from cvelistv5
Published
2006-07-10 22:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/20858 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1016400 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/26875 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/18693 | vdb-entry, x_refsource_BID | |
| http://www.f-secure.com/security/fsc-2006-4.shtml | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1016401 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27498 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2006/2573 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.324Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20858"
},
{
"name": "1016400",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016400"
},
{
"name": "26875",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/26875"
},
{
"name": "18693",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18693"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"name": "1016401",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016401"
},
{
"name": "fsecure-antivirus-filename-security-bypass(27498)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
},
{
"name": "ADV-2006-2573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2573"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20858",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20858"
},
{
"name": "1016400",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016400"
},
{
"name": "26875",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/26875"
},
{
"name": "18693",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18693"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"name": "1016401",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016401"
},
{
"name": "fsecure-antivirus-filename-security-bypass(27498)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
},
{
"name": "ADV-2006-2573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2573"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20858",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20858"
},
{
"name": "1016400",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016400"
},
{
"name": "26875",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/26875"
},
{
"name": "18693",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18693"
},
{
"name": "http://www.f-secure.com/security/fsc-2006-4.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"name": "1016401",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016401"
},
{
"name": "fsecure-antivirus-filename-security-bypass(27498)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
},
{
"name": "ADV-2006-2573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2573"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3489",
"datePublished": "2006-07-10T22:00:00",
"dateReserved": "2006-07-10T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.324Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1463
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 19:01
Severity ?
EPSS score ?
Summary
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/80433 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/52614 | vdb-entry, x_refsource_BID | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC | |
| http://osvdb.org/80426 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74311 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52614"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52614"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"refsource": "OSVDB",
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52614"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1463",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:02.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-3300
Vulnerability from cvelistv5
Published
2007-06-20 22:00
Modified
2024-08-07 14:14
Severity ?
EPSS score ?
Summary
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/25738 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/24525 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1018267 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/34942 | vdb-entry, x_refsource_XF | |
| http://www.f-secure.com/security/fsc-2007-5.shtml | x_refsource_CONFIRM | |
| http://osvdb.org/36729 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1018266 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/2247 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1018268 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/36728 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:14:12.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25738",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25738"
},
{
"name": "24525",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24525"
},
{
"name": "1018267",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018267"
},
{
"name": "fsecure-lzh-rar-security-bypass(34942)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34942"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2007-5.shtml"
},
{
"name": "36729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36729"
},
{
"name": "1018266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018266"
},
{
"name": "ADV-2007-2247",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2247"
},
{
"name": "1018268",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018268"
},
{
"name": "36728",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/36728"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25738",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25738"
},
{
"name": "24525",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24525"
},
{
"name": "1018267",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018267"
},
{
"name": "fsecure-lzh-rar-security-bypass(34942)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34942"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2007-5.shtml"
},
{
"name": "36729",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36729"
},
{
"name": "1018266",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018266"
},
{
"name": "ADV-2007-2247",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2247"
},
{
"name": "1018268",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018268"
},
{
"name": "36728",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/36728"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3300",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25738",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25738"
},
{
"name": "24525",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24525"
},
{
"name": "1018267",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018267"
},
{
"name": "fsecure-lzh-rar-security-bypass(34942)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34942"
},
{
"name": "http://www.f-secure.com/security/fsc-2007-5.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2007-5.shtml"
},
{
"name": "36729",
"refsource": "OSVDB",
"url": "http://osvdb.org/36729"
},
{
"name": "1018266",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018266"
},
{
"name": "ADV-2007-2247",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2247"
},
{
"name": "1018268",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018268"
},
{
"name": "36728",
"refsource": "OSVDB",
"url": "http://osvdb.org/36728"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3300",
"datePublished": "2007-06-20T22:00:00",
"dateReserved": "2007-06-20T00:00:00",
"dateUpdated": "2024-08-07T14:14:12.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0337
Vulnerability from cvelistv5
Published
2006-01-21 00:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.f-secure.com/security/fsc-2006-1.shtml | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1015510 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/18529 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.osvdb.org/22632 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24198 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1015509 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/16309 | vdb-entry, x_refsource_BID | |
| http://www.ciac.org/ciac/bulletins/q-103.shtml | third-party-advisory, government-resource, x_refsource_CIAC | |
| http://securitytracker.com/id?1015508 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1015507 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2006/0257 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.410Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"name": "1015510",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015510"
},
{
"name": "18529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18529"
},
{
"name": "22632",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22632"
},
{
"name": "fsecure-zip-bo(24198)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24198"
},
{
"name": "1015509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015509"
},
{
"name": "16309",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16309"
},
{
"name": "Q-103",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"name": "1015508",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015508"
},
{
"name": "1015507",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015507"
},
{
"name": "ADV-2006-0257",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0257"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"name": "1015510",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015510"
},
{
"name": "18529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18529"
},
{
"name": "22632",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22632"
},
{
"name": "fsecure-zip-bo(24198)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24198"
},
{
"name": "1015509",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015509"
},
{
"name": "16309",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16309"
},
{
"name": "Q-103",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"name": "1015508",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015508"
},
{
"name": "1015507",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015507"
},
{
"name": "ADV-2006-0257",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0257"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.f-secure.com/security/fsc-2006-1.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"name": "1015510",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015510"
},
{
"name": "18529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18529"
},
{
"name": "22632",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22632"
},
{
"name": "fsecure-zip-bo(24198)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24198"
},
{
"name": "1015509",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015509"
},
{
"name": "16309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16309"
},
{
"name": "Q-103",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"name": "1015508",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015508"
},
{
"name": "1015507",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015507"
},
{
"name": "ADV-2006-0257",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0257"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0337",
"datePublished": "2006-01-21T00:00:00",
"dateReserved": "2006-01-20T00:00:00",
"dateUpdated": "2024-08-07T16:34:14.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1429
Vulnerability from cvelistv5
Published
2012-03-21 10:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74244 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/522005 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.ieee-security.org/TC/SP2012/program.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1429",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
"matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) \"..\" (punto punto) o (2) rutas absolutas con barra inicial doble (\"//ruta/absoluta\")."
}
],
"id": "CVE-2004-0235",
"lastModified": "2024-11-20T23:48:04.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-10 22:05
Modified
2024-11-21 00:13
Severity ?
Summary
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "723EB35B-5E24-4901-BDB6-D16D063F9857",
"versionEndIncluding": "5.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "141114BE-BDF1-45D7-A4D7-BF55172FB2E3",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "CFE0DE01-2910-49C6-AF4B-5799FEB04338",
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
"matchCriteriaId": "8C8DC4C2-E570-412E-BCF8-05B65D190383",
"versionEndIncluding": "6.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A730182C-A1EC-410E-82F2-893815444638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
},
{
"lang": "es",
"value": "F-Secure Anti-Virus de 2003 a 2006 y otras versiones, Internet Security de 2003 a 2006 y Service Platform para Service Providers 6.x y anteriores permite a atacantes remotos evitar la b\u00fasqueda antivirus a trav\u00e9s de un nombre de archivo manipulado."
}
],
"id": "CVE-2006-3489",
"lastModified": "2024-11-21T00:13:43.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-10T22:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20858"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016400"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016401"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/26875"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18693"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2573"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/26875"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-31 23:30
Modified
2024-11-21 00:32
Severity ?
Summary
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "75319428-D8AF-4863-9B55-30CD6D41DA54",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "213E4AAB-E890-4D5A-935E-C44120729179",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "131C7D74-C1E0-47D6-8246-5B77330F7E02",
"versionEndIncluding": "5.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "723EB35B-5E24-4901-BDB6-D16D063F9857",
"versionEndIncluding": "5.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "22E20219-86BC-4571-9021-41DAC45B9E8F",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "CFE0DE01-2910-49C6-AF4B-5799FEB04338",
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "E6FF2902-D9CE-477E-BF73-561B12F526FC",
"versionEndIncluding": "6.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52D9FF34-1EEF-4C5F-B709-927931825A36",
"versionEndIncluding": "6.03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAD9FFA-92EF-427B-8499-47206A9EE07C",
"versionEndIncluding": "5.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE516E5-2CD5-42FC-8197-045ED44E651A",
"versionEndIncluding": "5.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service:*:*:consumers:*:*:*:*:*",
"matchCriteriaId": "CEB47D96-AAF6-4F44-833D-26224C4D1F49",
"versionEndIncluding": "6.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "8972DE53-0C05-471E-B7C0-4212043B9543",
"versionEndIncluding": "2.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75FDCA01-A786-43CA-958A-62EFF8CA813E",
"versionEndIncluding": "6.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files."
},
{
"lang": "es",
"value": "Varios productos antivirus de F-Secure para Microsoft Windows y Linux anterior a versi\u00f3n 20070522, permiten a los atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito de escaneo de archivos) por medio de ciertos archivos ARJ (1) o (2) archivos empaquetados FSG."
}
],
"id": "CVE-2007-2967",
"lastModified": "2024-11-21T00:32:05.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-31T23:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36725"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36726"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25440"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018147"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2007-3.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/security_advisory_fsecure_arj.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/security_advisory_fsecure_fsg.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/470462/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/470484/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063715.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2007-3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/security_advisory_fsecure_arj.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/security_advisory_fsecure_fsg.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/470462/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/470484/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34581"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-15 02:00
Modified
2024-11-21 00:42
Severity ?
Summary
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C8609465-1436-4F50-B7EE-0DF9DA7AA4CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "85517B0C-8C1A-4306-8466-2C138AD0709A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F0657810-2CB9-4887-8AA2-3E0927937820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "59FA86FF-A114-44EB-884A-766BEE17FD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD2B3CE-78CC-4BE7-80EB-25675371B5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:4.65:*:*:*:*:*:*:*",
"matchCriteriaId": "04102648-2C1C-420E-BBF7-5C948F0EE479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "9848B969-A0A4-4F38-9C6C-79395EFF8254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "605AB820-8069-430A-89AC-3E0122EB3B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9F9488-8DA8-48A9-9A11-B5E0D7AA9A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E77AB622-B899-46FD-9DFA-1964B57A9458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DB2DD7-86DC-440A-B8D9-0A84034E808F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C0DCADF7-B044-4646-B215-52685609ED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A097721B-9CBA-4E2D-B5E5-B7AAD938E61F",
"versionEndIncluding": "3.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "604EFE23-657D-406F-81BF-17BA524E8423",
"versionEndIncluding": "7.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
},
{
"lang": "es",
"value": "M\u00faltiples productos antivirus F-Secure, incluyendo Internet Security 2006 hasta 2008, Anti-Virus 2006 hasta 2008, F-Secure Protection Service y otros, permiten a los atacantes remotos omitir la detecci\u00f3n de malware por medio de un archivo CAB dise\u00f1ado."
}
],
"id": "CVE-2008-0792",
"lastModified": "2024-11-21T00:42:55.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-02-15T02:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28919"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019405"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019412"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019413"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| anti-virus | vba32 | 3.12.14.2 | |
| authentium | command_antivirus | 5.2.11.5 | |
| avg | avg_anti-virus | 10.0.0.1190 | |
| bitdefender | bitdefender | 7.2 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| eset | nod32_antivirus | 5795 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| k7computing | antivirus | 9.77.3565 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 | |
| symantec | endpoint_protection | 11.0 | |
| trendmicro | housecall | 9.120.0.1004 | |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos Gzip en AVG Anti-Virus 10.0.0.1190, BitDefender 7.2, Command Antivirus 5.2.11.5, a-squared Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Utilities Ikarus Virus T3 de l\u00ednea de comandos esc\u00e1ner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 06.06.12, 22.83.00.03 Rising Antivirus, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, y 3.12.14.2 VBA32 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo. tar.gz con varias secuencias comprimidas. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador Gzip."
}
],
"id": "CVE-2012-1461",
"lastModified": "2024-11-21T01:37:02.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.677",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80500"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80501"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80502"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80503"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80504"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80505"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80506"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80510"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52626"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ahnlab | v3_internet_security | 2011.01.18.00 | |
| aladdin | esafe | 7.0.17.0 | |
| authentium | command_antivirus | 5.2.11.5 | |
| bitdefender | bitdefender | 7.2 | |
| cat | quick_heal | 11.00 | |
| comodo | comodo_antivirus | 7424 | |
| f-prot | f-prot_antivirus | 4.6.2.117 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| nprotect | nprotect_antivirus | 2011-01-17.01 | |
| pandasecurity | panda_antivirus | 10.0.2.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en AhnLab V3 Internet Security v2011.01.18.00, BitDefender v7.2, Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) v11.00, Command Antivirus v5.2.11.5, Comodo Antivirus v7424, eSafe v7.0.17.0, F-Prot Antivirus v4.6.2.117, F-Secure Anti-Virus v9.0.16160.0, McAfee Anti-Virus Scanning Engine v5.400.0.1158, Norman Antivirus v6.6.12, nProtect anti-Virus v2011-01-17.01, y Panda Antivirus v10.0.2.7 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo ELF con un campo endianness modificado. NOTA: esto m\u00e1s tarde se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF."
}
],
"id": "CVE-2012-1463",
"lastModified": "2024-11-21T01:37:02.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.740",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80426"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80433"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52614"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-02-06 11:30
Modified
2024-11-21 00:55
Severity ?
Summary
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "B028C22E-399E-4A90-9673-64E4D510273E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "62204373-31FA-4F28-AA22-D4D6F3B80F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C319-313F-4CA5-9B37-D9860071E763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_citrix_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3858F1-B23F-4E45-BD23-C8262AD37F50",
"versionEndIncluding": "7.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D0AD44-C784-4019-B92C-A368092C815C",
"versionEndIncluding": "7.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:6.62:*:*:*:*:*:*:*",
"matchCriteriaId": "D622E750-A9AB-4EF3-BC2F-D7C3FFE8C961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "85EEA770-211A-4568-BB9F-9FE76D7BFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_mimesweeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6FA161-27C8-40A5-BAF7-4907D67E3C82",
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_windows_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF7866B-1F6D-49C8-8013-2A6974D42D95",
"versionEndIncluding": "8.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9F9488-8DA8-48A9-9A11-B5E0D7AA9A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8C775FD8-A757-41A6-BBC3-29BC9D2D12A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3E6352-6BF9-4FE6-A572-07A31972A28D",
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9523BF6D-AF64-4CFE-B017-695B6BB175C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E77AB622-B899-46FD-9DFA-1964B57A9458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DB2DD7-86DC-440A-B8D9-0A84034E808F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD6D628-460F-4AF7-971E-401D58E48AF1",
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "66AB396E-475C-404F-BEE1-66DE9C3A7555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6FC4F-F768-43FF-9627-DF41CD7D799C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5AE9AF-11E3-4CC5-BEE7-6ED5CF6FCEA5",
"versionEndIncluding": "7.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8FC353-E7D7-4097-B206-C0ACB654E0E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_home_server_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "13A9FDBE-1AAD-435A-BECF-2871864EAFA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4664D4A0-EB01-4274-9E1D-8EA5313F935A",
"versionEndIncluding": "2.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C73ADB10-61D7-46E9-B293-1C798E297A5F",
"versionEndIncluding": "6.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "89DC5D86-0C4A-4F94-83A2-DB21B868ACCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "94858828-3626-4654-AB6A-597A49C79284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D77467E5-A143-4720-93EE-29B399417065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_linux_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6ED823-E3F3-4444-86B5-BBD6D711B5B9",
"versionEndIncluding": "7.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5B1FA4-33A1-4EAD-A20F-C9A4AD64939C",
"versionEndIncluding": "5.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "25DB325A-39E6-4938-9761-D8DCD5A57C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2E6D2C-5520-41DE-AF1D-7E47F9A99CE7",
"versionEndIncluding": "3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6123A21D-BBB4-48D8-9701-7BFB637628C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C339068C-F74F-4B4B-AD15-09457CC85458",
"versionEndIncluding": "8.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:5.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F11E5127-4DC8-48A4-9AF5-1C148B71C7E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:6.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB0D1BB-B119-4996-859A-39348AEF36B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "721447B1-F577-48AB-A312-34306C485866",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en m\u00faltiples productos antivirus de F-Secure, incluyendo Internet Security 2006 hasta 2008, Anti-Virus 2006 hasta 2008, y otros, cuando ha sido configurado para escanear ficheros comprimidos internamente, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero comprimido RPM manipulado, lo que provocar\u00e1 un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2008-6085",
"lastModified": "2024-11-21T00:55:37.937",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-02-06T11:30:00.467",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32352"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31846"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021073"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-01 05:17
Modified
2024-11-21 00:37
Severity ?
Summary
F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | windows_2003_server | * | |
| f-secure | f-secure_anti-virus | 7.00 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:*:x64:*:*:*:*:*",
"matchCriteriaId": "CD264C73-360E-414D-BE22-192F92E5A0A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "BED6F056-D9E2-4799-A432-DC07F8154AA6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus."
},
{
"lang": "es",
"value": "El antivirus F-Secure para Windows Servers 7.0 en la edici\u00f3n de 64-bit permite a usuarios locales evitar el escaneo de los virus utilizando el directorio system32 para almacenar un (1) archivo o (2) ejecutable paquetizado manipulados. NOTA: en muchos entornos, esto no traspasa los l\u00edmites de los privilegios puesto que cualquier proceso que pueda escribir en el system32 puede tambi\u00e9n apagar el antivirus F-Secure."
}
],
"id": "CVE-2007-5143",
"lastModified": "2024-11-21T00:37:14.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-01T05:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41377"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26948"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2007-6.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25824"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018745"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3277"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41377"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2007-6.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018745"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36833"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-10 22:05
Modified
2024-11-21 00:13
Severity ?
Summary
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "723EB35B-5E24-4901-BDB6-D16D063F9857",
"versionEndIncluding": "5.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "141114BE-BDF1-45D7-A4D7-BF55172FB2E3",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "CFE0DE01-2910-49C6-AF4B-5799FEB04338",
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
"matchCriteriaId": "8C8DC4C2-E570-412E-BCF8-05B65D190383",
"versionEndIncluding": "6.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A730182C-A1EC-410E-82F2-893815444638",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when \"Scan network drives\" is disabled, which allows remote attackers to bypass anti-virus controls."
},
{
"lang": "es",
"value": "F-Secure Anti-Virus 2003 a 2006 y otras versiones, Internet Security 2003 a 2006 y Service Platform for Service Providers 6.x y anteriores no escanean archivos ubicados en medios extra\u00edbles cuando la opci\u00f3n \"Escanear Unidades de Red\" est\u00e1 deshabilitada, lo cual permite a atacantes remotos evitar el control de los antivirus."
}
],
"id": "CVE-2006-3490",
"lastModified": "2024-11-21T00:13:44.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-10T22:05:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/20858"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016400"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016401"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/26876"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18693"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2573"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/20858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016400"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/26876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2573"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27502"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| comodo | comodo_antivirus | 7424 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| nprotect | nprotect_antivirus | 2011-01-17.01 | |
| softwin | bitdefender | 7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softwin:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5A38BE-5D75-404F-AE34-7663D3E17927",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en BitDefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus motor de Detecci\u00f3n de 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C y nProtect anti-Virus 2011-01-17.01 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo ELF con una secuencia de caracteres ustar en un lugar determinado. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador. ELF"
}
],
"id": "CVE-2012-1429",
"lastModified": "2024-11-21T01:36:57.887",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:47.550",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| authentium | command_antivirus | 5.2.11.5 | |
| bitdefender | bitdefender | 7.2 | |
| comodo | comodo_antivirus | 7424 | |
| f-prot | f-prot_antivirus | 4.6.2.117 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| mcafee | gateway | 2010.1c | |
| nprotect | nprotect_antivirus | 2011-01-17.01 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en BitDefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (anteriormente Webwasher) 2010.1C, nProtect anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, y Rising Antivirus 22.83.00.03 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo ELF con una secuencia de caracteres \\ 4a \\ 46 \\ 49 \\ 46 en una determinada ubicaci\u00f3n. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF."
}
],
"id": "CVE-2012-1431",
"lastModified": "2024-11-21T01:36:58.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:47.630",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| antiy | avl_sdk | 2.0.3.7 | |
| cat | quick_heal | 11.00 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| pandasecurity | panda_antivirus | 10.0.2.7 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) 2010.1C, eSafe 7.0.17.0,, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti -Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0 Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, y Panda Antivirus 10.0.2.7 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un ELF archivo con un campo class modificado. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF."
}
],
"id": "CVE-2012-1442",
"lastModified": "2024-11-21T01:36:59.617",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:48.037",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80426"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80427"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80428"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52598"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:52
Severity ?
Summary
F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 6.30 | |
| f-secure | f-secure_anti-virus | 6.30_sr1 | |
| f-secure | f-secure_anti-virus | 6.31 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "97610DB9-0379-4EB3-95E6-9B5C21E5A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "5777A2C3-5EB0-495E-8E0E-94BCA86D5E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "2D43D811-F305-4709-9C43-862A7FC783B3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection."
}
],
"id": "CVE-2004-2220",
"lastModified": "2024-11-20T23:52:47.863",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13067"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1012057"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/11395"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11600"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17944"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/13067"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1012057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/11395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11600"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17944"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-03-20 10:44
Modified
2024-11-21 00:44
Severity ?
Summary
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C8609465-1436-4F50-B7EE-0DF9DA7AA4CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1566EBF3-230F-415F-8E0A-1D55A35ABB50",
"versionEndIncluding": "6.04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE3B1C3-BBCF-4C7E-87B4-418E850CE097",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C103D696-73C5-4582-8DD4-B292467F4F20",
"versionEndIncluding": "7.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3E6352-6BF9-4FE6-A572-07A31972A28D",
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAB6D4E-4897-4E83-B601-169D93EC50EE",
"versionEndIncluding": "7.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C0DCADF7-B044-4646-B215-52685609ED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_s60:2nd_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C6312D-350F-4E12-ABB6-4748CB286D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_windows_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5BA3FA3-3D16-4958-AC75-7380EFE8948A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_windows_mobile:6:*:*:*:*:*:*:*",
"matchCriteriaId": "757E27BF-8CC3-41E5-8348-350CFDAC4BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_windows_mobile:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "39318388-DD54-4304-9C7D-6F7C1584D68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_security_for_series_80:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3454E64-9E87-4707-BC02-5A881F443084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2E6D2C-5520-41DE-AF1D-7E47F9A99CE7",
"versionEndIncluding": "3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "604EFE23-657D-406F-81BF-17BA524E8423",
"versionEndIncluding": "7.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en multiples productos anti-virus de F-Secure, incluidos Internet Security 2006 hasta 2008, Anti-Virus 2006 hasta 2008 y otros, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (suspender o parar) utilizando un archivo defectuoso que provocar\u00e1 un excepci\u00f3n no manejada, como se ha demostrado por el paquete de pruebas PROTOS GENOME para formatos de archivo."
}
],
"id": "CVE-2008-1412",
"lastModified": "2024-11-21T00:44:28.933",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T10:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29397"
},
{
"source": "cve@mitre.org",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28282"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019618"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019619"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019620"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-10 02:28
Modified
2024-11-21 00:22
Severity ?
Summary
F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 4.65 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "46D73A43-3FBF-422D-B3CF-136F4B7A9A5C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file."
},
{
"lang": "es",
"value": "F-Secure Anti-Virus para Linux Gateways 4.65 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (posiblemente error fatal de escaneado), y posiblemente evitar una detecci\u00f3n de virus, insertando caracteres inv\u00e1lidos en un contenido codificado base 64 en un fichero MIME multipart/mixed, como se demuestra con el fichero de testeo EICAR."
}
],
"id": "CVE-2006-6409",
"lastModified": "2024-11-21T00:22:37.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-10T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.quantenblog.net/security/virus-scanner-bypass"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453654/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21461"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-15 21:30
Modified
2024-11-21 01:14
Severity ?
Summary
F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8584A696-5D15-4D14-A2C2-E0821844FB78",
"versionEndIncluding": "9.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:6.62:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "F073E513-A598-4421-936B-6264122CFB81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:7.0:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "6136A4CA-E833-43AF-8D32-B0DB3D812E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:7.10:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "30602BA3-9043-4E51-9457-16D8D1464EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E805B40A-9534-4215-9F8B-D533C06666AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "F83DDDED-51E8-43DE-BBA8-4AD36F920BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53919A2E-99A6-4896-9B23-F8DEA62FB006",
"versionEndIncluding": "2010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C586FEDB-4335-47FF-81C0-301F5CD80799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "1473BDA6-ADD8-41C0-95DD-D82A1317FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:*:*:*:*:*:*",
"matchCriteriaId": "B91DB04A-B6AA-4FDA-B3A1-9E46EC27078D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:linux:*:*:*:*:*",
"matchCriteriaId": "55C7A7CD-1BAB-475A-BEC1-3AFD15366103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80681B-B124-4797-BD0C-C137C189C8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "8C7F4E22-8609-4111-A588-BBA6CFBE3EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_2:*:*:*:*:*:*:*",
"matchCriteriaId": "137DBA10-602D-4D34-8AC1-998AD1229820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_2:*:linux:*:*:*:*:*",
"matchCriteriaId": "0AB5C071-A13A-4E32-9F40-E41B47D053BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "D606B8B1-C3A7-4110-8610-23FC8E90B30F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51_hotfix_2:*:*:*:*:*:*:*",
"matchCriteriaId": "A60DEC4D-FD5B-41B3-9BEB-3EF0641C0F05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51_hotfix_2:*:linux:*:*:*:*:*",
"matchCriteriaId": "DF853D24-E54D-4B0C-B78B-B1EBF29A3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:*:*:*:*:*:*",
"matchCriteriaId": "8E705203-E0A9-4F66-8393-926958DF1A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux:*:*:*:*:*",
"matchCriteriaId": "59824214-B535-400D-9614-797F61F81062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "698A033B-181B-4BD6-9004-BA120D84EE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA02414-2DD5-4AC2-963E-8B98BAB128B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "5A277838-B3AE-45E4-9E1D-005F63FB7573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "33C62796-C9C0-485E-A58B-6510AFA80F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFCD75B-B0FA-4811-AC26-2FFC217D17B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "8A2035B9-D6DE-4091-84B0-EC73F491EC43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5F8A5E-5C5B-4C2D-A69E-671D03AEABF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "2F448567-DCAB-4B5F-B939-5B630A5A9B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A49C5BE3-EF09-4B73-A8F7-95B428EB28F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9A3CF8-E32C-4C60-91B1-A4C651437F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "46D73A43-3FBF-422D-B3CF-136F4B7A9A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "58668CA2-425C-470E-BA2A-E791EEED6046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C51DBF04-31F1-42C7-9442-559A0AF52CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "016877EA-FBDE-4E49-8077-CFFCFB8E7DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "8CFC86C0-2E3E-4057-808C-358B4B0463F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8549318-DCD7-420A-AAD6-CE1D7E167E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "30E93E69-FE42-4E90-9306-C3A9A6CAAE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "857DC5D0-BAE2-47DE-92A3-63F4960A8022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "789D6655-F3FF-4F6C-BAF6-452D6ECA207B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB606BE-CCA7-41BF-AB9F-E7C362FBADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E92D04F2-5029-445C-ADF5-4FCC11E658BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "04041776-EA80-406D-BCAF-EAD1F6FAD53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "A8B5F6AF-561B-45B4-8087-D637FAB9E877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "B7D558FE-0C41-4FC1-AF94-2CDE69FF8CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E0A121-7894-4E38-9295-3A4BFB8B8749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "17C7BE07-1D72-4E06-BDD4-0281BE35CAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "FE057604-B92A-4B69-9CD5-189A33C90A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:*:*:*:*:*:*",
"matchCriteriaId": "71DDEE06-C625-44F5-8D39-156088563F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*",
"matchCriteriaId": "461627F0-2CEF-4623-B38E-6B30059B0B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:*:*:*:*:*:*",
"matchCriteriaId": "216282DF-8055-4691-93C7-8152B2F761BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "9528ACFA-2A1C-4292-BDB6-93041E9CE97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:*:*:*:*:*:*",
"matchCriteriaId": "510A1602-D3D1-4CCE-9FB8-29D8F4E05924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "035181DB-9366-42A7-B783-3E8415FA8FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:*:*:*:*:*:*",
"matchCriteriaId": "15D9B8B6-1B7E-4FB1-85CD-695C39927463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*",
"matchCriteriaId": "352EE11B-2385-4359-BEA1-706FEA3E9D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "5F5C145F-C336-4FD0-8262-2CBDE3FBA12B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*",
"matchCriteriaId": "D35E1591-553E-42F0-AE3E-16A2A5640F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF39BC-ED88-4E49-97A5-4E2B7BB001F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "99727375-701D-4AD9-9410-B69B7603807C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "112A4C41-3201-4BDA-BC08-355A4B9C2347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "0D47BE5A-D3C9-4B97-AFB1-633AE69F911E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "AD772D28-E146-470A-AAD6-838587420FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "38F12483-2AAA-4269-BE97-65E80CE09C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*",
"matchCriteriaId": "6D9796D5-C957-410D-96A8-7C1AC1D614A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F44D5E36-58AC-417E-91F0-C7F9D4B8D34B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*",
"matchCriteriaId": "94B734B9-4D8C-4195-AA01-83DDEC535BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "9EDFA260-07D3-463D-BDAA-4C6F9F4D52FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBB5C76-E785-4A1D-A855-21F346ABA3B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "AEF8C12D-ADF4-4FAE-8B13-B69BFA5AFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "86D92D81-A2F8-47F0-8A79-2318A19D9CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*",
"matchCriteriaId": "F874EF46-3E17-4A51-A576-7E0BFE1FD4EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1171FFA9-4898-4174-AD17-C6E47A120585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5145EA79-BB99-4DF6-82CD-539AFBE393CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F1F7D7-2F21-46EC-8991-F565556AFDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:client_security:*:*:*:*:*",
"matchCriteriaId": "995DCFD5-5745-48E6-BC0E-B8AE3F194CFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:firewalls:*:*:*:*:*",
"matchCriteriaId": "A937E670-6263-4497-B17F-1D19D48ED6CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "4401535F-9AC5-4419-A6B6-9A877887A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "366ED344-85B2-418D-90E6-19B27260B465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:client_security:*:*:*:*:*",
"matchCriteriaId": "2B5FC2F8-A355-4964-B908-0DCC00734BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B56AC-3C96-43C4-88D0-FAB97C3C28BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:*:*:*:*:*:*",
"matchCriteriaId": "18A8AA65-9B9E-419C-9D1C-D5A88778D8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "97610DB9-0379-4EB3-95E6-9B5C21E5A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC32B19D-E275-4D63-A9CA-403D7B87DD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "5777A2C3-5EB0-495E-8E0E-94BCA86D5E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCFE4AA-9E83-442B-89F9-413BBA5A31F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "2D43D811-F305-4709-9C43-862A7FC783B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:*:*:*:*:*:*",
"matchCriteriaId": "4F78CC67-B3AA-4503-9F49-7E605C230816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "375B5B66-822B-4142-BAA3-0928DE7A8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:*:*:*:*:*:*",
"matchCriteriaId": "410D9937-4480-482C-A672-8F578EF1F0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "3F1CCFFE-4745-46BE-840F-F658245A6058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB2803F-8685-4803-9C93-E9D4A672D333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "880E04C0-42C2-4261-92D1-CF83133567F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "163EACA6-64CC-4554-BE19-52AB02D1F67D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:client_security:*:*:*:*:*",
"matchCriteriaId": "D990AE62-7B09-4DA8-ADB7-3CBA2DF18683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "C2BF5C8E-D1C4-4082-AFBE-8A8413CE1392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "BED6F056-D9E2-4799-A432-DC07F8154AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4382A281-75F3-455C-B7EF-8514531C17C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "B028C22E-399E-4A90-9673-64E4D510273E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "62204373-31FA-4F28-AA22-D4D6F3B80F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C8609465-1436-4F50-B7EE-0DF9DA7AA4CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C319-313F-4CA5-9B37-D9860071E763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA805B86-7E74-4E27-A06D-41F86FDFAAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "85517B0C-8C1A-4306-8466-2C138AD0709A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F0657810-2CB9-4887-8AA2-3E0927937820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "59FA86FF-A114-44EB-884A-766BEE17FD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD2B3CE-78CC-4BE7-80EB-25675371B5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_citrix_servers:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3776E315-E935-4422-A3F3-F6D261DFDB86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3346E2B-C289-41A2-80B6-D8DA7697CC32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:4.65:*:*:*:*:*:*:*",
"matchCriteriaId": "04102648-2C1C-420E-BBF7-5C948F0EE479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:6.62:*:*:*:*:*:*:*",
"matchCriteriaId": "D622E750-A9AB-4EF3-BC2F-D7C3FFE8C961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "85EEA770-211A-4568-BB9F-9FE76D7BFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "06C05AE3-5003-44B0-BAFB-F5081373994F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_mimesweeper:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C03EB725-E91E-4CA3-A903-0CD45D7EE2F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_windows_servers:8.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC68767-4F85-4D80-AB6C-38A3362144A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7B8FE8-8458-4C38-8FE6-6A7BEA28EB0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "9848B969-A0A4-4F38-9C6C-79395EFF8254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "605AB820-8069-430A-89AC-3E0122EB3B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9F9488-8DA8-48A9-9A11-B5E0D7AA9A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8C775FD8-A757-41A6-BBC3-29BC9D2D12A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1BF1F7-8570-46A8-BDFE-43720C44576E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9523BF6D-AF64-4CFE-B017-695B6BB175C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E77AB622-B899-46FD-9DFA-1964B57A9458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DB2DD7-86DC-440A-B8D9-0A84034E808F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E53728-0B65-48C4-A812-8915BFC5A51A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F433148-3A0B-4F84-B4FB-A8EFFCB22EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "66AB396E-475C-404F-BEE1-66DE9C3A7555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6FC4F-F768-43FF-9627-DF41CD7D799C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "105743CC-1365-404D-9B3D-0CDBFDF4BB33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8900048F-8EAB-4BF7-98C1-57F8DA49AF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A53E8102-9A65-45FD-AFDE-25861BC49B7B",
"versionEndIncluding": "2010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "89DC5D86-0C4A-4F94-83A2-DB21B868ACCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "94858828-3626-4654-AB6A-597A49C79284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C0DCADF7-B044-4646-B215-52685609ED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D77467E5-A143-4720-93EE-29B399417065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:home_server_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "5399311C-0418-45CA-9FED-082D9B484D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:-:linux:*:*:*:*:*",
"matchCriteriaId": "1312B800-FE46-4D50-82E8-76201A8C3228",
"versionEndIncluding": "4.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:-:windows:*:*:*:*:*",
"matchCriteriaId": "06B35ABF-C401-4DF4-9935-55E797E60220",
"versionEndIncluding": "6.61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
},
{
"lang": "es",
"value": "F-Secure Internet Security 2010 y anteriores; Anti-Virus para Microsoft Exchange 9 y anteriores, y para MIMEsweeper v5.61 y anteriores; Internet Gatekeeper para Windows v6.61 y anteriores, y para Linux v4.02 y anteriores; Anti-Virus 2010 y anteriores; Home Server Security 2009; Protection Service para Consumers 9 y anteriores, para Business - Workstation security 9 y anteriores, para Business - Server Security 8 y anteriores, y para E-mail y Server security 9 y anteriores; Mac Protection build 8060 y anteriores; Client Security 9 y anteriores; y varios productos Anti-Virus para Windows, Linux, y Citrix no detectan adecuadamente malware en archivos (1) 7Z, (2) GZIP, (3) CAB, o (4) RAR manipulados, lo que facilita a atacantes evitar la detecci\u00f3n."
}
],
"id": "CVE-2010-1425",
"lastModified": "2024-11-21T01:14:23.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-15T21:30:00.383",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39396"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023841"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023842"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023843"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:51
Severity ?
Summary
Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 4.50_hotfix_1 | |
| f-secure | f-secure_anti-virus | 4.50_hotfix_2 | |
| f-secure | f-secure_anti-virus | 4.51_hotfix_2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "8C7F4E22-8609-4111-A588-BBA6CFBE3EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_2:*:linux:*:*:*:*:*",
"matchCriteriaId": "0AB5C071-A13A-4E32-9F40-E41B47D053BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51_hotfix_2:*:linux:*:*:*:*:*",
"matchCriteriaId": "DF853D24-E54D-4B0C-B78B-B1EBF29A3481",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV."
}
],
"id": "CVE-2004-1762",
"lastModified": "2024-11-20T23:51:41.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/11089"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/415734"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15432"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/11089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/415734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15432"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-01-21 00:03
Modified
2024-11-21 00:06
Severity ?
Summary
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "1473BDA6-ADD8-41C0-95DD-D82A1317FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "5A277838-B3AE-45E4-9E1D-005F63FB7573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "33C62796-C9C0-485E-A58B-6510AFA80F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "8A2035B9-D6DE-4091-84B0-EC73F491EC43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "2F448567-DCAB-4B5F-B939-5B630A5A9B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A49C5BE3-EF09-4B73-A8F7-95B428EB28F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "016877EA-FBDE-4E49-8077-CFFCFB8E7DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "8CFC86C0-2E3E-4057-808C-358B4B0463F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "857DC5D0-BAE2-47DE-92A3-63F4960A8022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "789D6655-F3FF-4F6C-BAF6-452D6ECA207B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "A8B5F6AF-561B-45B4-8087-D637FAB9E877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "B7D558FE-0C41-4FC1-AF94-2CDE69FF8CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "17C7BE07-1D72-4E06-BDD4-0281BE35CAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "FE057604-B92A-4B69-9CD5-189A33C90A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*",
"matchCriteriaId": "461627F0-2CEF-4623-B38E-6B30059B0B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*",
"matchCriteriaId": "352EE11B-2385-4359-BEA1-706FEA3E9D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*",
"matchCriteriaId": "D35E1591-553E-42F0-AE3E-16A2A5640F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "99727375-701D-4AD9-9410-B69B7603807C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "AD772D28-E146-470A-AAD6-838587420FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*",
"matchCriteriaId": "6D9796D5-C957-410D-96A8-7C1AC1D614A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*",
"matchCriteriaId": "94B734B9-4D8C-4195-AA01-83DDEC535BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "AEF8C12D-ADF4-4FAE-8B13-B69BFA5AFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*",
"matchCriteriaId": "F874EF46-3E17-4A51-A576-7E0BFE1FD4EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1171FFA9-4898-4174-AD17-C6E47A120585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:firewalls:*:*:*:*:*",
"matchCriteriaId": "A937E670-6263-4497-B17F-1D19D48ED6CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "4401535F-9AC5-4419-A6B6-9A877887A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "97610DB9-0379-4EB3-95E6-9B5C21E5A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "5777A2C3-5EB0-495E-8E0E-94BCA86D5E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "2D43D811-F305-4709-9C43-862A7FC783B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "375B5B66-822B-4142-BAA3-0928DE7A8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*",
"matchCriteriaId": "33E76051-5D4A-4C8C-A911-3B78BFEA77CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "CC709820-939F-438A-8CAD-A9D4E192C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*",
"matchCriteriaId": "46AD4E4B-E01A-4CC5-8D05-14B5B6935408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*",
"matchCriteriaId": "05453A15-69B7-40AD-B14E-D00432DC4344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*",
"matchCriteriaId": "F54C74DD-DDF7-4747-8A59-F67114412BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:solutions_based_on_f-secure_personal_express:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E99B3025-7A16-4AD8-A5F8-2CE2D7E3E102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives."
}
],
"id": "CVE-2006-0337",
"lastModified": "2024-11-21T00:06:13.780",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-21T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18529"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015507"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015508"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015509"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015510"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22632"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16309"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0257"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24198"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-20 22:30
Modified
2024-11-21 00:32
Severity ?
Summary
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "1473BDA6-ADD8-41C0-95DD-D82A1317FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "5A277838-B3AE-45E4-9E1D-005F63FB7573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "33C62796-C9C0-485E-A58B-6510AFA80F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "2F448567-DCAB-4B5F-B939-5B630A5A9B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A49C5BE3-EF09-4B73-A8F7-95B428EB28F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "46D73A43-3FBF-422D-B3CF-136F4B7A9A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "58668CA2-425C-470E-BA2A-E791EEED6046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8549318-DCD7-420A-AAD6-CE1D7E167E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB606BE-CCA7-41BF-AB9F-E7C362FBADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E92D04F2-5029-445C-ADF5-4FCC11E658BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*",
"matchCriteriaId": "461627F0-2CEF-4623-B38E-6B30059B0B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*",
"matchCriteriaId": "352EE11B-2385-4359-BEA1-706FEA3E9D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*",
"matchCriteriaId": "D35E1591-553E-42F0-AE3E-16A2A5640F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*",
"matchCriteriaId": "6D9796D5-C957-410D-96A8-7C1AC1D614A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*",
"matchCriteriaId": "94B734B9-4D8C-4195-AA01-83DDEC535BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "9EDFA260-07D3-463D-BDAA-4C6F9F4D52FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "AEF8C12D-ADF4-4FAE-8B13-B69BFA5AFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*",
"matchCriteriaId": "F874EF46-3E17-4A51-A576-7E0BFE1FD4EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1171FFA9-4898-4174-AD17-C6E47A120585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:client_security:*:*:*:*:*",
"matchCriteriaId": "995DCFD5-5745-48E6-BC0E-B8AE3F194CFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "4401535F-9AC5-4419-A6B6-9A877887A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:client_security:*:*:*:*:*",
"matchCriteriaId": "2B5FC2F8-A355-4964-B908-0DCC00734BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "97610DB9-0379-4EB3-95E6-9B5C21E5A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "5777A2C3-5EB0-495E-8E0E-94BCA86D5E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "2D43D811-F305-4709-9C43-862A7FC783B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "375B5B66-822B-4142-BAA3-0928DE7A8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "3F1CCFFE-4745-46BE-840F-F658245A6058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "880E04C0-42C2-4261-92D1-CF83133567F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:client_security:*:*:*:*:*",
"matchCriteriaId": "D990AE62-7B09-4DA8-ADB7-3CBA2DF18683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "C2BF5C8E-D1C4-4082-AFBE-8A8413CE1392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "BED6F056-D9E2-4799-A432-DC07F8154AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4382A281-75F3-455C-B7EF-8514531C17C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D98FEBC4-42EF-49BE-B4D5-03CC171802CA",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47A4B299-F94E-4369-A388-CE245A5D9B22",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1AD9C7-5990-4BFE-A2D2-7845EDBF478A",
"versionEndIncluding": "6.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*",
"matchCriteriaId": "33E76051-5D4A-4C8C-A911-3B78BFEA77CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*",
"matchCriteriaId": "46AD4E4B-E01A-4CC5-8D05-14B5B6935408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.15.484:*:linux:*:*:*:*:*",
"matchCriteriaId": "574BD76C-3990-4B5D-B111-B6D980B166CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.16:*:linux:*:*:*:*:*",
"matchCriteriaId": "E5668C3F-8BA7-47B1-8428-21D7346824DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:solutions_based_on_f-secure_personal_express:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E99B3025-7A16-4AD8-A5F8-2CE2D7E3E102",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive."
},
{
"lang": "es",
"value": "M\u00faltiples productos antivirus de F-Secure para Microsoft Windows y Linux anterior al 19/06/2007 permiten a atacantes remotos evitar el escaneo mediante una cabecera artesanal en un archivo (1) LHA o (2) RAR."
}
],
"id": "CVE-2007-3300",
"lastModified": "2024-11-21T00:32:53.680",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-06-20T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36728"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36729"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25738"
},
{
"source": "cve@mitre.org",
"url": "http://www.f-secure.com/security/fsc-2007-5.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24525"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018266"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018267"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018268"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2247"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.f-secure.com/security/fsc-2007-5.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24525"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018266"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018267"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34942"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:53
Severity ?
Summary
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "5A277838-B3AE-45E4-9E1D-005F63FB7573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "33C62796-C9C0-485E-A58B-6510AFA80F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "016877EA-FBDE-4E49-8077-CFFCFB8E7DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "8CFC86C0-2E3E-4057-808C-358B4B0463F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "A8B5F6AF-561B-45B4-8087-D637FAB9E877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "B7D558FE-0C41-4FC1-AF94-2CDE69FF8CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*",
"matchCriteriaId": "352EE11B-2385-4359-BEA1-706FEA3E9D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*",
"matchCriteriaId": "94B734B9-4D8C-4195-AA01-83DDEC535BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1171FFA9-4898-4174-AD17-C6E47A120585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "4401535F-9AC5-4419-A6B6-9A877887A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "97610DB9-0379-4EB3-95E6-9B5C21E5A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "5777A2C3-5EB0-495E-8E0E-94BCA86D5E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "2D43D811-F305-4709-9C43-862A7FC783B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA95C918-917F-4A49-822C-487A07E6F91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*",
"matchCriteriaId": "CC709820-939F-438A-8CAD-A9D4E192C332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*",
"matchCriteriaId": "05453A15-69B7-40AD-B14E-D00432DC4344",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system."
}
],
"id": "CVE-2004-2442",
"lastModified": "2024-11-20T23:53:21.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13263/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ciac.org/ciac/bulletins/p-041.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2004-3.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11732"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18217"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://secunia.com/advisories/13263/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ciac.org/ciac/bulletins/p-041.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2004-3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/11732"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18217"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-01-21 00:03
Modified
2024-11-21 00:06
Severity ?
Summary
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "5A277838-B3AE-45E4-9E1D-005F63FB7573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "33C62796-C9C0-485E-A58B-6510AFA80F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "8A2035B9-D6DE-4091-84B0-EC73F491EC43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "2F448567-DCAB-4B5F-B939-5B630A5A9B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A49C5BE3-EF09-4B73-A8F7-95B428EB28F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "016877EA-FBDE-4E49-8077-CFFCFB8E7DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "8CFC86C0-2E3E-4057-808C-358B4B0463F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "A8B5F6AF-561B-45B4-8087-D637FAB9E877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "B7D558FE-0C41-4FC1-AF94-2CDE69FF8CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "17C7BE07-1D72-4E06-BDD4-0281BE35CAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "FE057604-B92A-4B69-9CD5-189A33C90A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*",
"matchCriteriaId": "352EE11B-2385-4359-BEA1-706FEA3E9D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*",
"matchCriteriaId": "D35E1591-553E-42F0-AE3E-16A2A5640F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "0D47BE5A-D3C9-4B97-AFB1-633AE69F911E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "AD772D28-E146-470A-AAD6-838587420FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*",
"matchCriteriaId": "94B734B9-4D8C-4195-AA01-83DDEC535BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*",
"matchCriteriaId": "F874EF46-3E17-4A51-A576-7E0BFE1FD4EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1171FFA9-4898-4174-AD17-C6E47A120585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:firewalls:*:*:*:*:*",
"matchCriteriaId": "A937E670-6263-4497-B17F-1D19D48ED6CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "4401535F-9AC5-4419-A6B6-9A877887A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "97610DB9-0379-4EB3-95E6-9B5C21E5A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "5777A2C3-5EB0-495E-8E0E-94BCA86D5E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "2D43D811-F305-4709-9C43-862A7FC783B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "375B5B66-822B-4142-BAA3-0928DE7A8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA95C918-917F-4A49-822C-487A07E6F91E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*",
"matchCriteriaId": "33E76051-5D4A-4C8C-A911-3B78BFEA77CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*",
"matchCriteriaId": "46AD4E4B-E01A-4CC5-8D05-14B5B6935408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*",
"matchCriteriaId": "05453A15-69B7-40AD-B14E-D00432DC4344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*",
"matchCriteriaId": "F54C74DD-DDF7-4747-8A59-F67114412BFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned."
}
],
"id": "CVE-2006-0338",
"lastModified": "2024-11-21T00:06:13.943",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-21T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18529"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015507"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015508"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015509"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015510"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22633"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16309"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0257"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015509"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/q-103.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2006-1.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16309"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24199"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-31 23:30
Modified
2024-11-21 00:32
Severity ?
Summary
Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "75319428-D8AF-4863-9B55-30CD6D41DA54",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "213E4AAB-E890-4D5A-935E-C44120729179",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "131C7D74-C1E0-47D6-8246-5B77330F7E02",
"versionEndIncluding": "5.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "723EB35B-5E24-4901-BDB6-D16D063F9857",
"versionEndIncluding": "5.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "22E20219-86BC-4571-9021-41DAC45B9E8F",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "CFE0DE01-2910-49C6-AF4B-5799FEB04338",
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "E6FF2902-D9CE-477E-BF73-561B12F526FC",
"versionEndIncluding": "6.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52D9FF34-1EEF-4C5F-B709-927931825A36",
"versionEndIncluding": "6.03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAD9FFA-92EF-427B-8499-47206A9EE07C",
"versionEndIncluding": "5.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE516E5-2CD5-42FC-8197-045ED44E651A",
"versionEndIncluding": "5.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service:*:*:consumers:*:*:*:*:*",
"matchCriteriaId": "CEB47D96-AAF6-4F44-833D-26224C4D1F49",
"versionEndIncluding": "6.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "8972DE53-0C05-471E-B7C0-4212043B9543",
"versionEndIncluding": "2.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75FDCA01-A786-43CA-958A-62EFF8CA813E",
"versionEndIncluding": "6.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and \"access validation of the address space.\""
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el componente Real-time Scanning en m\u00faltiples productos de F-Secure, incluyendo Internet Security 2005, 2006 y2007; Anti-Virus 2005, 2006 y 2007 y Solutions basadas en F-Secure Protection Service for Consumers 6.40 y versiones anteriores permite a usuarios locales obtener privilegios a trav\u00e9s de paquetes de petici\u00f3n I/O (IRP) manipulados, relacionado con el IOCTL (Control de Entrada/Salida) y \"Validaci\u00f3n del acceso al espacio de direcciones\"."
}
],
"id": "CVE-2007-2965",
"lastModified": "2024-11-21T00:32:04.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-31T23:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36727"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25439"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2007-2.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25439"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2007-2.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34579"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-05-02 04:00
Modified
2024-11-20 23:54
Severity ?
Summary
Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "AD54BC7B-CBD8-4D02-8820-95B2167F0582",
"versionEndIncluding": "4.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6E42F017-98A7-4124-9D86-EA298F9EA25F",
"versionEndIncluding": "4.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "43B1DC94-12A4-438E-8EF6-02CE3BDCD960",
"versionEndIncluding": "4.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "F18B3BB2-60F6-4E24-869C-2A411C697668",
"versionEndIncluding": "5.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "BA62B7FB-0C89-48F1-AC7C-1128702BD736",
"versionEndIncluding": "5.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "D93C56CE-CFA2-40B4-9A35-7C413900EDB4",
"versionEndIncluding": "5.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "415DDB5B-7829-4971-BD1A-4C59FA930EC0",
"versionEndIncluding": "5.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "315C0071-C761-4DC3-8640-E9334350C2B0",
"versionEndIncluding": "5.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
"matchCriteriaId": "8D795DA7-D19B-4730-9995-E0953B858FAD",
"versionEndIncluding": "5.55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:firewalls:*:*:*:*:*",
"matchCriteriaId": "30A6D6C5-BDFB-41A6-A941-27529CF2BDB7",
"versionEndIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1B9E90E3-71D8-41B3-9E04-4DC115C16814",
"versionEndIncluding": "6.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C7D56465-6411-449F-BF05-B303B0EF575E",
"versionEndIncluding": "5.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AAB47F1-ACE9-417F-8FB4-480A5728D598",
"versionEndIncluding": "6.41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*",
"matchCriteriaId": "33E76051-5D4A-4C8C-A911-3B78BFEA77CE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive."
}
],
"id": "CVE-2005-0350",
"lastModified": "2024-11-20T23:54:56.917",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-05-02T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2005-1.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2005-1.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://xforce.iss.net/xforce/alerts/id/188"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:37
Severity ?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, Avira AntiVir versi\u00f3n 7.11.1.163, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, AVG Anti-Virus versi\u00f3n 10.0.0.1190, Bitdefender versi\u00f3n 7.2, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, ClamAV versi\u00f3n 0.96.4, Command Antivirus versi\u00f3n 5.2.11.5, Comodo Antivirus versi\u00f3n 7424, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, F-Prot Antivirus versi\u00f3n 4.6.2.117, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, Fortinet Antivirus versi\u00f3n 4.2.254.0, G Data AntiVirus versi\u00f3n 21, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Jiangmin Antivirus versi\u00f3n 13.0.900, K7 AntiVirus versi\u00f3n 9.77.3565, Kaspersky Anti-Virus versi\u00f3n 7.0.0.125, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, NOD32 Antivirus versi\u00f3n 5795, Norman Antivirus versi\u00f3n 6.06.12, nProtect antivirus versi\u00f3n 2011-01-17.01, Panda Antivirus versi\u00f3n 10.0.2.7, PC Tools AntiVirus versi\u00f3n 7.0.3.5, Rising Antivirus versi\u00f3n 22.83.00.03, Sophos Anti-Virus versi\u00f3n 4.61.0, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, VBA32 versi\u00f3n 3.12.14.2 y VirusBuster versi\u00f3n 13.6.151.0, permite a los atacantes remotos omitir la detecci\u00f3n de malware por medio de una entrada de archivo TAR con un campo de longitud correspondiente a toda la entrada, adem\u00e1s de parte del encabezado de la siguiente entrada. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador de TAR."
}
],
"id": "CVE-2012-1459",
"lastModified": "2024-11-21T01:37:02.073",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.597",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80390"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80392"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80393"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80406"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80407"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-22 22:44
Modified
2024-11-21 00:43
Severity ?
Summary
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C8609465-1436-4F50-B7EE-0DF9DA7AA4CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "85517B0C-8C1A-4306-8466-2C138AD0709A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F0657810-2CB9-4887-8AA2-3E0927937820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "59FA86FF-A114-44EB-884A-766BEE17FD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD2B3CE-78CC-4BE7-80EB-25675371B5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:4.65:*:*:*:*:*:*:*",
"matchCriteriaId": "04102648-2C1C-420E-BBF7-5C948F0EE479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "9848B969-A0A4-4F38-9C6C-79395EFF8254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "605AB820-8069-430A-89AC-3E0122EB3B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9F9488-8DA8-48A9-9A11-B5E0D7AA9A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E77AB622-B899-46FD-9DFA-1964B57A9458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DB2DD7-86DC-440A-B8D9-0A84034E808F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C0DCADF7-B044-4646-B215-52685609ED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A097721B-9CBA-4E2D-B5E5-B7AAD938E61F",
"versionEndIncluding": "3.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "604EFE23-657D-406F-81BF-17BA524E8423",
"versionEndIncluding": "7.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792."
},
{
"lang": "es",
"value": "M\u00faltiples productos antivirus de F-Secure, incluyendo Internet Security de 2006 a 2008, Anti-Virus de 2006 a 2008, F-Secure Protection Service y otros, permiten a atacantes remotos evitar las detecciones del malware a trav\u00e9s de un archivo RAR manipulado. NOTA: podr\u00eda estar relacionado con CVE-2008-0792."
}
],
"id": "CVE-2008-0910",
"lastModified": "2024-11-21T00:43:12.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-02-22T22:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28919"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019405"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019412"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019413"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019405"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019413"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-09-09 04:00
Modified
2024-11-20 23:49
Severity ?
Summary
The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 6.01 | |
| f-secure | f-secure_anti-virus | 6.2 | |
| f-secure | f-secure_anti-virus | 6.21 | |
| f-secure | f-secure_content_scanner_server | 6.31 | |
| f-secure | internet_gatekeeper | 6.3 | |
| f-secure | internet_gatekeeper | 6.31 | |
| f-secure | internet_gatekeeper | 6.32 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1171FFA9-4898-4174-AD17-C6E47A120585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "4401535F-9AC5-4419-A6B6-9A877887A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_content_scanner_server:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "79A9C098-AE60-43A7-BCE9-9DA1F2EA0B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet."
}
],
"id": "CVE-2004-0830",
"lastModified": "2024-11-20T23:49:30.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-09-09T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=109483205925698\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2004-2.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=137\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11145"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=109483205925698\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2004-2.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=137\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/11145"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17307"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-18 06:04
Modified
2024-11-21 00:02
Severity ?
Summary
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 4.50 | |
| kaspersky_lab | kaspersky_anti-virus | 5.0.5 | |
| kaspersky_lab | kaspersky_anti-virus | 5.0.5 | |
| kaspersky_lab | kaspersky_anti-virus_personal | 5.0.227 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:linux:*:*:*:*:*",
"matchCriteriaId": "55C7A7CD-1BAB-475A-BEC1-3AFD15366103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "5A3B9DBA-58A9-4E15-8B22-67795D047278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "A4C38ABE-5C16-4DD0-88A4-21597315567F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227:*:*:*:*:*:*:*",
"matchCriteriaId": "E101D150-B268-43AA-9876-469DF471DFC4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file."
}
],
"id": "CVE-2005-3664",
"lastModified": "2024-11-21T00:02:23.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-18T06:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17130"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17144"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/19912"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/19913"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15054"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/19912"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/19913"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-03-21 01:19
Modified
2024-11-21 00:28
Severity ?
Summary
Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 6.02 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:client_security:*:*:*:*:*",
"matchCriteriaId": "995DCFD5-5745-48E6-BC0E-B8AE3F194CFD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page."
},
{
"lang": "es",
"value": "Vulnerabilidad de cadena de formato en F-Secure Anti-Virus Client Security 6.02 permite a usuarios locales provocar denegaci\u00f3n de servicio y posiblemente ganar privilegos a trav\u00e9s de especificaciones de formato de cadena en el campo nombre de Management Server sobre la p\u00e1gina de configuraci\u00f3n de la comunicaci\u00f3n."
}
],
"id": "CVE-2007-1557",
"lastModified": "2024-11-21T00:28:36.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-03-21T01:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34764"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2472"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.layereddefense.com/F-SecureMar18.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/463190/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23023"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.layereddefense.com/F-SecureMar18.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/463190/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1055"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-03-21 10:11
Modified
2024-11-21 01:36
Severity ?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos RAR en ClamAV versi\u00f3n 0.96.4, Rising Antivirus versi\u00f3n 22.83.00.03, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, G Data AntiVirus versi\u00f3n 21, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Command Antivirus versi\u00f3n 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, PC Tools AntiVirus versi\u00f3n 7.0.3.5, F-Prot Antivirus versi\u00f3n 4.6.2.117, VirusBuster versi\u00f3n 13.6.151.0, Fortinet antivirus versi\u00f3n 4.2.254.0, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, K7 AntiVirus versi\u00f3n 9.77.3565, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, Kaspersky Antivirus versi\u00f3n 7.0.0.125, Jiangmin Antivirus versi\u00f3n 13.0.900, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, Sophos Anti-Virus versi\u00f3n 4.61.0, NOD32 Antivirus versi\u00f3n 5795, Avira AntiVir versi\u00f3n 7.11.1.163, Norman Antivirus versi\u00f3n 6.06.12, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, Panda Antivirus versi\u00f3n 10.0.2.7, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Comodo Antivirus versi\u00f3n 7424, Bitdefender versi\u00f3n 7.2, eSafe versi\u00f3n 7.0.17.0, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, nProtect Versi\u00f3n antivirus 2011-01-17.01, AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, AVG Anti-Virus versi\u00f3n 10.0.0.1190, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, y VBA32 versi\u00f3n 3.12.14.2, permite a los atacantes remotos asistidos por el usuario omitir la detecci\u00f3n de malware por medio de un archivo RAR con una inicial Secuencia de caracteres MZ. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador RAR."
}
],
"id": "CVE-2012-1443",
"lastModified": "2024-11-21T01:36:59.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:48.083",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80454"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80455"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80456"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80457"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80458"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80459"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80460"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80461"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80467"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80468"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80469"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80471"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80472"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52612"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-05-31 23:30
Modified
2024-11-21 00:32
Severity ?
Summary
Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "75319428-D8AF-4863-9B55-30CD6D41DA54",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "213E4AAB-E890-4D5A-935E-C44120729179",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "131C7D74-C1E0-47D6-8246-5B77330F7E02",
"versionEndIncluding": "5.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "723EB35B-5E24-4901-BDB6-D16D063F9857",
"versionEndIncluding": "5.44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "22E20219-86BC-4571-9021-41DAC45B9E8F",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "CFE0DE01-2910-49C6-AF4B-5799FEB04338",
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "E6FF2902-D9CE-477E-BF73-561B12F526FC",
"versionEndIncluding": "6.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52D9FF34-1EEF-4C5F-B709-927931825A36",
"versionEndIncluding": "6.03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4EAD9FFA-92EF-427B-8499-47206A9EE07C",
"versionEndIncluding": "5.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DE516E5-2CD5-42FC-8197-045ED44E651A",
"versionEndIncluding": "5.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service:*:*:consumers:*:*:*:*:*",
"matchCriteriaId": "CEB47D96-AAF6-4F44-833D-26224C4D1F49",
"versionEndIncluding": "6.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "8972DE53-0C05-471E-B7C0-4212043B9543",
"versionEndIncluding": "2.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "75FDCA01-A786-43CA-958A-62EFF8CA813E",
"versionEndIncluding": "6.60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en el componente de descompresi\u00f3n LHA en productos antivirus de F-Secure para Microsoft Windows y Linux anterior a versi\u00f3n 20070529, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (bloqueo de la aplicaci\u00f3n) por medio de un archivo LHA ??creado, relacionado con un ajuste de entero, un problema similar a CVE-2006-4335."
}
],
"id": "CVE-2007-2966",
"lastModified": "2024-11-21T00:32:04.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-05-31T23:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/36724"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25426"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1018147"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2007-1.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.nruns.com/security_advisory_fsecure_lzh.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/470256/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24235"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/36724"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1018147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2007-1.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.nruns.com/security_advisory_fsecure_lzh.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/470256/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018146"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1985"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34575"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-02 23:02
Modified
2024-11-21 00:01
Severity ?
Summary
Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 6.40 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.41 | |
| f-secure | internet_gatekeeper | 6.42 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "375B5B66-822B-4142-BAA3-0928DE7A8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*",
"matchCriteriaId": "05453A15-69B7-40AD-B14E-D00432DC4344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*",
"matchCriteriaId": "F54C74DD-DDF7-4747-8A59-F67114412BFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files."
}
],
"id": "CVE-2005-3468",
"lastModified": "2024-11-21T00:01:58.183",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-02T23:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17361"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015142"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015143"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2005-2.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15284"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17361"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2005-2.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15284"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2277"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-11-16 07:42
Modified
2024-11-21 00:02
Severity ?
Summary
suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | * | |
| f-secure | internet_gatekeeper | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "F83DDDED-51E8-43DE-BBA8-4AD36F920BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "A4C973E1-597B-4D5C-B8AA-DCCEE4FC3480",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege."
},
{
"lang": "es",
"value": "Los scritps suid.cgi en F-Secure (1) Internet Gatekeeper para Linux anteriores a 2.15.484 y (2) Anti-Virus Linux Gateway anteriores a 2.16 son instalados con SUID y con permiso de ejecuci\u00f3n para todo el mundo, lo que permite a usuarios locales ganar privilegios.\r\n"
}
],
"id": "CVE-2005-3546",
"lastModified": "2024-11-21T00:02:09.047",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-16T07:42:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17467"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015159"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015160"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2005-3.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20513"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20537"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20538"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20539"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20540"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20541"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20542"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20543"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20544"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20545"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20546"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20547"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20548"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20549"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20550"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20551"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/20552"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15339"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2005/2331"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22966"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015159"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2005-3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20513"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20537"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20541"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20543"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20544"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20547"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20549"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/20552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2005/2331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22966"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:53
Severity ?
Summary
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux:*:*:*:*:*",
"matchCriteriaId": "0B513907-648B-4F67-96D1-E028C389E874",
"versionEndIncluding": "4.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "D1087A49-25FB-4523-B8B6-6095BFD7BB7B",
"versionEndIncluding": "5.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "131C7D74-C1E0-47D6-8246-5B77330F7E02",
"versionEndIncluding": "5.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
"matchCriteriaId": "0FA31012-C608-4157-8E9E-4A4CD291323A",
"versionEndIncluding": "5.42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
"matchCriteriaId": "482547EC-5A01-43D9-9F97-11C012E0F119",
"versionEndIncluding": "5.52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "52BD1305-8A6C-4FF1-9966-CDE0A1A18E9E",
"versionEndIncluding": "6.21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A81A600F-BD38-409D-BF4C-0DA25503E475",
"versionEndIncluding": "2004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9176A3-93E8-40E6-A386-4EC5B86EEDDE",
"versionEndIncluding": "6.20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7AA685D1-05A2-4036-A0D9-F2B048B26B0B",
"versionEndIncluding": "2004",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3DFCF8-010C-4877-A17D-59F6E58A05C0",
"versionEndIncluding": "6.32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive."
}
],
"id": "CVE-2004-2405",
"lastModified": "2024-11-20T23:53:16.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11712"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2004-1.shtml"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16258"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2004-1.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16258"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
"matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
"matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
"matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
"matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en la pila en la funci\u00f3n get_header de header.c de LHA 1.14 utilizado en productos como Barracuda Spam Firewall, permite a atacantes remotos o a usuarios locales ejecutar c\u00f3digo arbitrario mediante nombres de fichero o de directorio largos en un archivo LHA, lo que dispara el desbordamiento cuando se prueba o se extrae un fichero."
}
],
"id": "CVE-2004-0234",
"lastModified": "2024-11-20T23:48:03.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-08-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19514"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015866"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "cve@mitre.org",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5753"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/5754"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/19514"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2004/dsa-515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5753"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/5754"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/1220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:52
Severity ?
Summary
F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 5.5 | |
| f-secure | f-secure_anti-virus | 5.41 | |
| f-secure | f-secure_anti-virus | 5.41 | |
| f-secure | f-secure_anti-virus | 5.42 | |
| f-secure | f-secure_anti-virus | 5.42 | |
| f-secure | f-secure_anti-virus | 5.52 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "9528ACFA-2A1C-4292-BDB6-93041E9CE97E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "035181DB-9366-42A7-B783-3E8415FA8FBB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection."
}
],
"id": "CVE-2004-2276",
"lastModified": "2024-11-20T23:52:56.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11699"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.f-secure.de/ger/home/downloads/hotfixes/av5-hotfixes.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6409"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16243"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-linux-hotfixes.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.f-secure.de/ger/home/downloads/hotfixes/av5-hotfixes.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16243"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-06-06 20:06
Modified
2024-11-21 00:12
Severity ?
Summary
Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 6.40 | |
| f-secure | internet_gatekeeper | 6.4 | |
| f-secure | internet_gatekeeper | 6.41 | |
| f-secure | internet_gatekeeper | 6.42 | |
| f-secure | internet_gatekeeper | 6.50 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "375B5B66-822B-4142-BAA3-0928DE7A8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*",
"matchCriteriaId": "05453A15-69B7-40AD-B14E-D00432DC4344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*",
"matchCriteriaId": "F54C74DD-DDF7-4747-8A59-F67114412BFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.50:*:*:*:*:*:*:*",
"matchCriteriaId": "905F63E8-4535-4353-A911-FDC8616F118A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host."
}
],
"evaluatorSolution": "Update to a fixed version or apply hotfix.",
"id": "CVE-2006-2838",
"lastModified": "2024-11-21T00:12:12.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-06-06T20:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20407"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016196"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016197"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2006-3.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2076"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/20407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1016197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2006-3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26799"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}