var-200802-0141
Vulnerability from variot
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792. The problem is CVE-2008-0792 May be related toSkillfully crafted by a third party RAR Malware may be avoided through the archive. F-Secure Anti-Virus is prone to a security bypass vulnerability. A remote attacker can bypass error checking with a well-crafted RAR program.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: F-Secure Products CAB and RAR Archives Security Bypass
SECUNIA ADVISORY ID: SA28919
VERIFY ADVISORY: http://secunia.com/advisories/28919/
CRITICAL: Less critical
IMPACT: Security Bypass
WHERE:
From remote
OPERATING SYSTEM: F-Secure Messaging Security Gateway P-Series http://secunia.com/product/8998/ F-Secure Messaging Security Gateway X-Series http://secunia.com/product/8997/
SOFTWARE: F-Secure Anti-Virus 2006 http://secunia.com/product/6882/ F-Secure Anti-Virus 2007 http://secunia.com/product/14374/ F-Secure Anti-Virus 2008 http://secunia.com/product/17554/ F-Secure Internet Security 2006 http://secunia.com/product/6883/ F-Secure Internet Security 2007 http://secunia.com/product/14375/ F-Secure Internet Security 2008 http://secunia.com/product/17555/ F-Secure Anti-Virus Client Security 6.x http://secunia.com/product/5786/ F-Secure Anti-Virus Client Security 7.x http://secunia.com/product/14381/ F-Secure Anti-Virus for Workstations 5.x http://secunia.com/product/457/ F-Secure Anti-Virus for Workstations 7.x http://secunia.com/product/14226/ F-Secure Anti-Virus Linux Client Security 5.x http://secunia.com/product/14377/ F-Secure Anti-Virus for Linux 4.x http://secunia.com/product/3165/ F-Secure Anti-Virus for Windows Servers 5.x http://secunia.com/product/452/ F-Secure Anti-Virus for Windows Servers 7.x http://secunia.com/product/14382/ F-Secure Anti-Virus Linux Server Security 5.x http://secunia.com/product/14376/ F-Secure Anti-Virus for Citrix Servers 5.x http://secunia.com/product/5198/ F-Secure Anti-Virus for Microsoft Exchange 6.x http://secunia.com/product/454/ F-Secure Anti-Virus for Microsoft Exchange 7.x http://secunia.com/product/14551/ F-Secure Internet Gatekeeper 6.x http://secunia.com/product/3339/ F-Secure Internet Gatekeeper for Linux 2.x http://secunia.com/product/4635/ F-Secure Anti-Virus for MIMEsweeper 5.x http://secunia.com/product/455/
DESCRIPTION: A vulnerability has been reported in various F-Secure products, which can be exploited by malware to bypass the scanning functionality.
The vulnerability is caused due to an error in the handling of CAB and RAR files and can be exploited to bypass the anti-virus scanning functionality via a specially crafted CAB or RAR file. Please see the vendor's advisory for details.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller of n.runs AG.
ORIGINAL ADVISORY: http://www.f-secure.com/security/fsc-2008-1.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200802-0141",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "2007"
},
{
"model": "f-secure anti-virus linux client security",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "5.53"
},
{
"model": "f-secure anti-virus linux client security",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "5.52"
},
{
"model": "f-secure anti-virus for workstations",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "7.10"
},
{
"model": "f-secure anti-virus for workstations",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "f-secure anti-virus for workstations",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "5.44"
},
{
"model": "f-secure anti-virus for linux",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "4.65"
},
{
"model": "f-secure anti-virus client security",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "7.10"
},
{
"model": "f-secure anti-virus client security",
"scope": "eq",
"trust": 1.9,
"vendor": "f secure",
"version": "7.01"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.3,
"vendor": "f secure",
"version": "2008"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.3,
"vendor": "f secure",
"version": "2006"
},
{
"model": "f-secure anti-virus client security",
"scope": "eq",
"trust": 1.3,
"vendor": "f secure",
"version": "6.04"
},
{
"model": "f-secure anti-virus client security",
"scope": "eq",
"trust": 1.3,
"vendor": "f secure",
"version": "6.03"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "f secure",
"version": "2008"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "f secure",
"version": "2007"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "f secure",
"version": "2006"
},
{
"model": "f-secure protection service for business",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "3.00"
},
{
"model": "f-secure protection service for consumers",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "f secure",
"version": "2006 to 2008"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "f secure",
"version": "2006 to 2008"
},
{
"model": "f-secure protection service for consumers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "f-secure protection service for business",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "3.00"
},
{
"model": "f-secure internet security second edition",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2007"
},
{
"model": "f-secure anti-virus second edition",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2007"
}
],
"sources": [
{
"db": "BID",
"id": "85119"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:4.65:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:5.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:second_edition:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:second_edition:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.04:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0910"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "85119"
}
],
"trust": 0.3
},
"cve": "CVE-2008-0910",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2008-0910",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-31035",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-0910",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200802-427",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-31035",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31035"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792. The problem is CVE-2008-0792 May be related toSkillfully crafted by a third party RAR Malware may be avoided through the archive. F-Secure Anti-Virus is prone to a security bypass vulnerability. A remote attacker can bypass error checking with a well-crafted RAR program. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nF-Secure Products CAB and RAR Archives Security Bypass\n\nSECUNIA ADVISORY ID:\nSA28919\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/28919/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nSecurity Bypass\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nF-Secure Messaging Security Gateway P-Series\nhttp://secunia.com/product/8998/\nF-Secure Messaging Security Gateway X-Series\nhttp://secunia.com/product/8997/\n\nSOFTWARE:\nF-Secure Anti-Virus 2006\nhttp://secunia.com/product/6882/\nF-Secure Anti-Virus 2007\nhttp://secunia.com/product/14374/\nF-Secure Anti-Virus 2008\nhttp://secunia.com/product/17554/\nF-Secure Internet Security 2006\nhttp://secunia.com/product/6883/\nF-Secure Internet Security 2007\nhttp://secunia.com/product/14375/\nF-Secure Internet Security 2008\nhttp://secunia.com/product/17555/\nF-Secure Anti-Virus Client Security 6.x\nhttp://secunia.com/product/5786/\nF-Secure Anti-Virus Client Security 7.x\nhttp://secunia.com/product/14381/\nF-Secure Anti-Virus for Workstations 5.x\nhttp://secunia.com/product/457/\nF-Secure Anti-Virus for Workstations 7.x\nhttp://secunia.com/product/14226/\nF-Secure Anti-Virus Linux Client Security 5.x\nhttp://secunia.com/product/14377/\nF-Secure Anti-Virus for Linux 4.x\nhttp://secunia.com/product/3165/\nF-Secure Anti-Virus for Windows Servers 5.x\nhttp://secunia.com/product/452/\nF-Secure Anti-Virus for Windows Servers 7.x\nhttp://secunia.com/product/14382/\nF-Secure Anti-Virus Linux Server Security 5.x\nhttp://secunia.com/product/14376/\nF-Secure Anti-Virus for Citrix Servers 5.x\nhttp://secunia.com/product/5198/\nF-Secure Anti-Virus for Microsoft Exchange 6.x\nhttp://secunia.com/product/454/\nF-Secure Anti-Virus for Microsoft Exchange 7.x\nhttp://secunia.com/product/14551/\nF-Secure Internet Gatekeeper 6.x\nhttp://secunia.com/product/3339/\nF-Secure Internet Gatekeeper for Linux 2.x\nhttp://secunia.com/product/4635/\nF-Secure Anti-Virus for MIMEsweeper 5.x\nhttp://secunia.com/product/455/\n\nDESCRIPTION:\nA vulnerability has been reported in various F-Secure products, which\ncan be exploited by malware to bypass the scanning functionality. \n\nThe vulnerability is caused due to an error in the handling of CAB\nand RAR files and can be exploited to bypass the anti-virus scanning\nfunctionality via a specially crafted CAB or RAR file. Please see the vendor\u0027s advisory for details. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thierry Zoller of n.runs AG. \n\nORIGINAL ADVISORY:\nhttp://www.f-secure.com/security/fsc-2008-1.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"db": "BID",
"id": "85119"
},
{
"db": "VULHUB",
"id": "VHN-31035"
},
{
"db": "PACKETSTORM",
"id": "63608"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-0910",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1019413",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1019405",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1019412",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "28919",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-0544",
"trust": 1.7
},
{
"db": "XF",
"id": "40480",
"trust": 0.9
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200802-427",
"trust": 0.7
},
{
"db": "BID",
"id": "85119",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-31035",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63608",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31035"
},
{
"db": "BID",
"id": "85119"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"db": "PACKETSTORM",
"id": "63608"
},
{
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
]
},
"id": "VAR-200802-0141",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31035"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:15:38.292000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security advisories",
"trust": 0.8,
"url": "http://www.f-secure.com/en/web/labs_global/security-advisories"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31035"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"db": "NVD",
"id": "CVE-2008-0910"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2008-1.shtml"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1019405"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1019412"
},
{
"trust": 2.0,
"url": "http://www.securitytracker.com/id?1019413"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/28919"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/0544/references"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40480"
},
{
"trust": 0.9,
"url": "http://xforce.iss.net/xforce/xfdb/40480"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-0910"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-0910"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/0544/references"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/457/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/454/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/28919/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/455/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14377/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/452/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6883/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5786/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14382/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3339/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17554/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5198/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8997/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17555/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14374/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6882/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8998/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14376/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14375/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3165/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4635/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14226/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14381/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14551/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31035"
},
{
"db": "BID",
"id": "85119"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"db": "PACKETSTORM",
"id": "63608"
},
{
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-31035"
},
{
"db": "BID",
"id": "85119"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"db": "PACKETSTORM",
"id": "63608"
},
{
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-02-22T00:00:00",
"db": "VULHUB",
"id": "VHN-31035"
},
{
"date": "2008-02-22T00:00:00",
"db": "BID",
"id": "85119"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"date": "2008-02-14T00:18:22",
"db": "PACKETSTORM",
"id": "63608"
},
{
"date": "2008-02-22T22:44:00",
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"date": "2008-02-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-31035"
},
{
"date": "2008-02-22T00:00:00",
"db": "BID",
"id": "85119"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002758"
},
{
"date": "2017-08-08T01:29:46.087000",
"db": "NVD",
"id": "CVE-2008-0910"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural F-Secure Vulnerability that can prevent malware in anti-virus products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002758"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200802-427"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.