cvelistv5 - cve-2006-3489

cve-2006-3489

Vulnerability from cvelistv5

Published

2006-07-10 22:00

Modified

2024-08-07 18:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/20858
cve@mitre.org	http://securitytracker.com/id?1016400
cve@mitre.org	http://securitytracker.com/id?1016401
cve@mitre.org	http://www.f-secure.com/security/fsc-2006-4.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/26875
cve@mitre.org	http://www.securityfocus.com/bid/18693
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2573
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27498
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20858
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016400
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016401
af854a3a-2127-422b-91ae-364da2661108	http://www.f-secure.com/security/fsc-2006-4.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/26875
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18693
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2573
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27498

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:30:34.324Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20858",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20858"
          },
          {
            "name": "1016400",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016400"
          },
          {
            "name": "26875",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/26875"
          },
          {
            "name": "18693",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18693"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
          },
          {
            "name": "1016401",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016401"
          },
          {
            "name": "fsecure-antivirus-filename-security-bypass(27498)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
          },
          {
            "name": "ADV-2006-2573",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2573"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-06-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20858",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20858"
        },
        {
          "name": "1016400",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016400"
        },
        {
          "name": "26875",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/26875"
        },
        {
          "name": "18693",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18693"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
        },
        {
          "name": "1016401",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1016401"
        },
        {
          "name": "fsecure-antivirus-filename-security-bypass(27498)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
        },
        {
          "name": "ADV-2006-2573",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2573"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3489",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20858",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20858"
            },
            {
              "name": "1016400",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016400"
            },
            {
              "name": "26875",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/26875"
            },
            {
              "name": "18693",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18693"
            },
            {
              "name": "http://www.f-secure.com/security/fsc-2006-4.shtml",
              "refsource": "CONFIRM",
              "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
            },
            {
              "name": "1016401",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1016401"
            },
            {
              "name": "fsecure-antivirus-filename-security-bypass(27498)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
            },
            {
              "name": "ADV-2006-2573",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2573"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3489",
    "datePublished": "2006-07-10T22:00:00",
    "dateReserved": "2006-07-10T00:00:00",
    "dateUpdated": "2024-08-07T18:30:34.324Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*\", \"versionEndIncluding\": \"5.44\", \"matchCriteriaId\": \"723EB35B-5E24-4901-BDB6-D16D063F9857\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*\", \"versionEndIncluding\": \"5.52\", \"matchCriteriaId\": \"141114BE-BDF1-45D7-A4D7-BF55172FB2E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*\", \"versionEndIncluding\": \"5.61\", \"matchCriteriaId\": \"CFE0DE01-2910-49C6-AF4B-5799FEB04338\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*\", \"versionEndIncluding\": \"6.01\", \"matchCriteriaId\": \"8C8DC4C2-E570-412E-BCF8-05B65D190383\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*\", \"matchCriteriaId\": \"095A03CE-6B8F-4275-87BE-44E807F97939\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*\", \"matchCriteriaId\": \"2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*\", \"matchCriteriaId\": \"CAB9474C-A4F9-45C0-A77C-34B794AE2262\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"831F0C4D-C85F-46DA-BC9E-D3F56DE2B085\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F996B07-8B07-42A6-86FC-B5B55F708861\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C2C1784-2482-4CBE-BE6D-4519C3FB64BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6689D4E1-F8DC-46D9-BA35-4E4AE9C28456\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0429B86A-F228-44E8-ABBB-D57BEE3679F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"89A0FDD3-3364-4452-BD6F-EB6F85D3119A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C788A5AB-C847-476C-9767-C6711F2D4EA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A730182C-A1EC-410E-82F2-893815444638\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.\"}, {\"lang\": \"es\", \"value\": \"F-Secure Anti-Virus de 2003 a 2006 y otras versiones, Internet Security de 2003 a 2006 y Service Platform para Service Providers 6.x y anteriores permite a atacantes remotos evitar la b\\u00fasqueda antivirus a trav\\u00e9s de un nombre de archivo manipulado.\"}]",
      "id": "CVE-2006-3489",
      "lastModified": "2024-11-21T00:13:43.947",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:P/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-07-10T22:05:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/20858\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1016400\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1016401\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.f-secure.com/security/fsc-2006-4.shtml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/26875\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/18693\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2573\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27498\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/20858\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016400\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1016401\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.f-secure.com/security/fsc-2006-4.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.osvdb.org/26875\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/18693\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/2573\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/27498\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-3489\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-07-10T22:05:00.000\",\"lastModified\":\"2024-11-21T00:13:43.947\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.\"},{\"lang\":\"es\",\"value\":\"F-Secure Anti-Virus de 2003 a 2006 y otras versiones, Internet Security de 2003 a 2006 y Service Platform para Service Providers 6.x y anteriores permite a atacantes remotos evitar la b\u00fasqueda antivirus a trav\u00e9s de un nombre de archivo manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*\",\"versionEndIncluding\":\"5.44\",\"matchCriteriaId\":\"723EB35B-5E24-4901-BDB6-D16D063F9857\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*\",\"versionEndIncluding\":\"5.52\",\"matchCriteriaId\":\"141114BE-BDF1-45D7-A4D7-BF55172FB2E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*\",\"versionEndIncluding\":\"5.61\",\"matchCriteriaId\":\"CFE0DE01-2910-49C6-AF4B-5799FEB04338\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*\",\"versionEndIncluding\":\"6.01\",\"matchCriteriaId\":\"8C8DC4C2-E570-412E-BCF8-05B65D190383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*\",\"matchCriteriaId\":\"095A03CE-6B8F-4275-87BE-44E807F97939\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*\",\"matchCriteriaId\":\"2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*\",\"matchCriteriaId\":\"CAB9474C-A4F9-45C0-A77C-34B794AE2262\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"831F0C4D-C85F-46DA-BC9E-D3F56DE2B085\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F996B07-8B07-42A6-86FC-B5B55F708861\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C2C1784-2482-4CBE-BE6D-4519C3FB64BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6689D4E1-F8DC-46D9-BA35-4E4AE9C28456\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0429B86A-F228-44E8-ABBB-D57BEE3679F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"89A0FDD3-3364-4452-BD6F-EB6F85D3119A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C788A5AB-C847-476C-9767-C6711F2D4EA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A730182C-A1EC-410E-82F2-893815444638\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/20858\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016400\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1016401\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.f-secure.com/security/fsc-2006-4.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/26875\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/18693\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2573\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27498\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/20858\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016400\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1016401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.f-secure.com/security/fsc-2006-4.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.osvdb.org/26875\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/18693\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/2573\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/27498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

cve-2006-3489

Vulnerability from fkie_nvd

Published

2006-07-10 22:05

Modified

2024-11-21 00:13

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/20858
cve@mitre.org	http://securitytracker.com/id?1016400
cve@mitre.org	http://securitytracker.com/id?1016401
cve@mitre.org	http://www.f-secure.com/security/fsc-2006-4.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/26875
cve@mitre.org	http://www.securityfocus.com/bid/18693
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2573
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27498
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20858
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016400
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1016401
af854a3a-2127-422b-91ae-364da2661108	http://www.f-secure.com/security/fsc-2006-4.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/26875
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18693
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2573
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27498

Impacted products

Vendor	Product	Version
f-secure	f-secure_anti-virus	*
f-secure	f-secure_anti-virus	*
f-secure	f-secure_anti-virus	*
f-secure	f-secure_anti-virus	*
f-secure	f-secure_anti-virus	5.5
f-secure	f-secure_anti-virus	5.51
f-secure	f-secure_anti-virus	5.52
f-secure	f-secure_anti-virus	2003
f-secure	f-secure_anti-virus	2004
f-secure	f-secure_anti-virus	2005
f-secure	f-secure_anti-virus	2006
f-secure	f-secure_internet_security	2003
f-secure	f-secure_internet_security	2004
f-secure	f-secure_internet_security	2005
f-secure	f-secure_internet_security	2006
f-secure	f-secure_service_platform_for_service_providers	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
              "matchCriteriaId": "723EB35B-5E24-4901-BDB6-D16D063F9857",
              "versionEndIncluding": "5.44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
              "matchCriteriaId": "141114BE-BDF1-45D7-A4D7-BF55172FB2E3",
              "versionEndIncluding": "5.52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
              "matchCriteriaId": "CFE0DE01-2910-49C6-AF4B-5799FEB04338",
              "versionEndIncluding": "5.61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
              "matchCriteriaId": "8C8DC4C2-E570-412E-BCF8-05B65D190383",
              "versionEndIncluding": "6.01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
              "matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
              "matchCriteriaId": "2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
              "matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
              "matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A730182C-A1EC-410E-82F2-893815444638",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
    },
    {
      "lang": "es",
      "value": "F-Secure Anti-Virus de 2003 a 2006 y otras versiones, Internet Security de 2003 a 2006 y Service Platform para Service Providers 6.x y anteriores permite a atacantes remotos evitar la b\u00fasqueda antivirus a trav\u00e9s de un nombre de archivo manipulado."
    }
  ],
  "id": "CVE-2006-3489",
  "lastModified": "2024-11-21T00:13:43.947",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-07-10T22:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/20858"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016400"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1016401"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/26875"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/18693"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2573"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/20858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016400"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1016401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/26875"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/18693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2573"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename. Multiple products by F-Secure are prone to scan-evasion vulnerabilities. Exploitation of these vulnerabilities may result in a false sense of security and in the execution of malicious applications. This could potentially lead to a malicious code infection.

Want to join the Secunia Security Team?

Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports.

1) An unspecified error within the handling of executable programs where the name has been manipulated in a certain way can be exploited to bypass the anti-virus scanning functionality.

2) An error causes files on removable media to not be scanned when the "Scan network devices" option has been disabled.

SOLUTION: Apply patches (see patch matrix in the vendor's advisory).

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: F-Secure: http://www.f-secure.com/security/fsc-2006-4.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200607-0032",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f secure",
        "version": "2005"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f secure",
        "version": "2006"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.51"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.5"
      },
      {
        "model": "f-secure service platform for service providers",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "*"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "6.01"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.61"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.44"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2005"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2006"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f secure",
        "version": "5.61"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f secure",
        "version": "5.44"
      },
      {
        "model": "f-secure service platform for service providers",
        "scope": null,
        "trust": 0.6,
        "vendor": "f secure",
        "version": null
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "f secure",
        "version": "6.01"
      },
      {
        "model": "service platform for service providers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "6"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.10"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.0"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.7"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.6"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.5"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "20060"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2005"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.44"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.43"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.40"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.50"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.61"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.51"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.50"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for citrix servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "anti-virus for citrix servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.5"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "6.01"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.55"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.54"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.50"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "20060"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2005"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2003"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "18693"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.44",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.52",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.61",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.01",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "F-Secure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-3489",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-19597",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-3489",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200607-110",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-19597",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19597"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename. Multiple products by F-Secure are prone to scan-evasion vulnerabilities. \nExploitation of these vulnerabilities may result in a false sense of security and in the execution of malicious applications. This could potentially lead to a malicious code infection. \n\n----------------------------------------------------------------------\n\nWant to join the Secunia Security Team?\n\nSecunia offers a position as a security specialist, where your daily\nwork involves reverse engineering of software and exploit code,\nauditing of source code, and analysis of vulnerability reports. \n\n1) An unspecified error within the handling of executable programs\nwhere the name has been manipulated in a certain way can be exploited\nto bypass the anti-virus scanning functionality. \n\n2) An error causes files on removable media to not be scanned when\nthe \"Scan network devices\" option has been disabled. \n\nSOLUTION:\nApply patches (see patch matrix in the vendor\u0027s advisory). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nF-Secure:\nhttp://www.f-secure.com/security/fsc-2006-4.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "db": "BID",
        "id": "18693"
      },
      {
        "db": "VULHUB",
        "id": "VHN-19597"
      },
      {
        "db": "PACKETSTORM",
        "id": "47832"
      }
    ],
    "trust": 1.35
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "18693",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "20858",
        "trust": 1.8
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3489",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1016400",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1016401",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "26875",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-2573",
        "trust": 1.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "27498",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-19597",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "47832",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19597"
      },
      {
        "db": "BID",
        "id": "18693"
      },
      {
        "db": "PACKETSTORM",
        "id": "47832"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ]
  },
  "id": "VAR-200607-0032",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19597"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:35:34.628000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/18693"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/26875"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016400"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1016401"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/20858"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/2573"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/2573"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/27498"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/457/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2718/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/455/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_specialist/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4299/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/452/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4300/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6883/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5786/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/20858/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6885/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5198/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3500/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6882/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3499/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-19597"
      },
      {
        "db": "BID",
        "id": "18693"
      },
      {
        "db": "PACKETSTORM",
        "id": "47832"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-19597"
      },
      {
        "db": "BID",
        "id": "18693"
      },
      {
        "db": "PACKETSTORM",
        "id": "47832"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-07-10T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19597"
      },
      {
        "date": "2006-06-28T00:00:00",
        "db": "BID",
        "id": "18693"
      },
      {
        "date": "2006-06-29T02:11:18",
        "db": "PACKETSTORM",
        "id": "47832"
      },
      {
        "date": "2006-07-10T22:05:00",
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "date": "2006-07-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-19597"
      },
      {
        "date": "2006-06-28T19:00:00",
        "db": "BID",
        "id": "18693"
      },
      {
        "date": "2017-07-20T01:32:20.647000",
        "db": "NVD",
        "id": "CVE-2006-3489"
      },
      {
        "date": "2006-08-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "F-Secure Anti-Virus/ Internet Security/Service Platform for Service Providers Special file name evades scanning vulnerability",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200607-110"
      }
    ],
    "trust": 0.6
  }
}

gsd-2006-3489

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-3489

Aliases

CVE-2006-3489

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-3489",
    "description": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.",
    "id": "GSD-2006-3489"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-3489"
      ],
      "details": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.",
      "id": "GSD-2006-3489",
      "modified": "2023-12-13T01:19:56.969855Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-3489",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20858",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/20858"
          },
          {
            "name": "1016400",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016400"
          },
          {
            "name": "26875",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/26875"
          },
          {
            "name": "18693",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/18693"
          },
          {
            "name": "http://www.f-secure.com/security/fsc-2006-4.shtml",
            "refsource": "CONFIRM",
            "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
          },
          {
            "name": "1016401",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1016401"
          },
          {
            "name": "fsecure-antivirus-filename-security-bypass(27498)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
          },
          {
            "name": "ADV-2006-2573",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/2573"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.44",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.52",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.61",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.01",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3489"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.f-secure.com/security/fsc-2006-4.shtml",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
            },
            {
              "name": "1016400",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016400"
            },
            {
              "name": "1016401",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1016401"
            },
            {
              "name": "26875",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/26875"
            },
            {
              "name": "18693",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/18693"
            },
            {
              "name": "20858",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/20858"
            },
            {
              "name": "ADV-2006-2573",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/2573"
            },
            {
              "name": "fsecure-antivirus-filename-security-bypass(27498)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:32Z",
      "publishedDate": "2006-07-10T22:05Z"
    }
  }
}

ghsa-r342-23qv-wr86

Vulnerability from github

Published

2022-05-01 07:09

Modified

2022-05-01 07:09

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-3489"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-07-10T22:05:00Z",
    "severity": "MODERATE"
  },
  "details": "F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.",
  "id": "GHSA-r342-23qv-wr86",
  "modified": "2022-05-01T07:09:30Z",
  "published": "2022-05-01T07:09:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-3489"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27498"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/20858"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016400"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1016401"
    },
    {
      "type": "WEB",
      "url": "http://www.f-secure.com/security/fsc-2006-4.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/26875"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/18693"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/2573"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2006-3489

Vulnerability from cvelistv5

cve-2006-3489

Vulnerability from fkie_nvd

var-200607-0032

Vulnerability from variot

gsd-2006-3489

Vulnerability from gsd

ghsa-r342-23qv-wr86

Vulnerability from github

Tags

Sightings

Nomenclature