var-200902-0191
Vulnerability from variot
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow. Multiple F-Secure products are prone to an integer-overflow vulnerability because the applications fail to properly handle malformed RPM files. Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the vulnerable applications. Failed exploit attempts will likely cause denial-of-service conditions. Both F-Secure Internet Gatekeeper and F-Secure Anti-Virus are anti-virus products released by an anti-virus software manufacturer in Finland. ----------------------------------------------------------------------
Do you need accurate and reliable IDS / IPS / AV detection rules?
Get in-depth vulnerability details: http://secunia.com/binary_analysis/sample_analysis/
TITLE: F-Secure Products RPM Parsing Integer Overflow Vulnerability
SECUNIA ADVISORY ID: SA32352
VERIFY ADVISORY: http://secunia.com/advisories/32352/
CRITICAL: Highly critical
IMPACT: DoS, System access
WHERE:
From remote
OPERATING SYSTEM: F-Secure Messaging Security Gateway X-Series http://secunia.com/advisories/product/8997/ F-Secure Messaging Security Gateway P-Series http://secunia.com/advisories/product/8998/
SOFTWARE: F-Secure Internet Security 2008 http://secunia.com/advisories/product/17555/ F-Secure Internet Security 2007 http://secunia.com/advisories/product/14375/ F-Secure Internet Security 2006 http://secunia.com/advisories/product/6883/ F-Secure Internet Gatekeeper for Linux 2.x http://secunia.com/advisories/product/4635/ F-Secure Internet Gatekeeper 6.x http://secunia.com/advisories/product/3339/ F-Secure Client Security 7.x http://secunia.com/advisories/product/14381/ F-Secure Anti-Virus Linux Server Security 5.x http://secunia.com/advisories/product/14376/ F-Secure Anti-Virus Linux Client Security 5.x http://secunia.com/advisories/product/14377/ F-Secure Anti-Virus for Workstations 7.x http://secunia.com/advisories/product/14226/ F-Secure Anti-Virus for Workstations 5.x http://secunia.com/advisories/product/457/ F-Secure Anti-Virus for Windows Servers 8.x http://secunia.com/advisories/product/18966/ F-Secure Anti-Virus for Windows Servers 7.x http://secunia.com/advisories/product/14382/ F-Secure Anti-Virus for MIMEsweeper 5.x http://secunia.com/advisories/product/455/ F-Secure Anti-Virus for Microsoft Exchange 7.x http://secunia.com/advisories/product/14551/ F-Secure Anti-Virus for Microsoft Exchange 6.x http://secunia.com/advisories/product/454/ F-Secure Anti-Virus for Linux Gateways 4.x http://secunia.com/advisories/product/14550/ F-Secure Anti-Virus for Linux 4.x http://secunia.com/advisories/product/3165/ F-Secure Anti-Virus for Citrix Servers 5.x http://secunia.com/advisories/product/5198/ F-Secure Anti-Virus 2008 http://secunia.com/advisories/product/17554/ F-Secure Anti-Virus 2007 http://secunia.com/advisories/product/14374/ F-Secure Anti-Virus 2006 http://secunia.com/advisories/product/6882/ F-Secure Linux Security 7.x http://secunia.com/advisories/product/20199/ F-Secure Home Server Security 2009 http://secunia.com/advisories/product/20200/ F-Secure Anti-Virus for Citrix Servers 7.x http://secunia.com/advisories/product/20201/
DESCRIPTION: A vulnerability has been reported in various F-Secure products, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an integer overflow error when parsing RPM files. This can be exploited to cause a buffer overflow via a specially crafted RPM file.
The vulnerability is reported in the following products: * F-Secure Internet Security 2008 * F-Secure Internet Security 2007 Second Edition * F-Secure Internet Security 2007 * F-Secure Internet Security 2006 * F-Secure Anti-Virus 2008 * F-Secure Anti-Virus 2007 Second Edition * F-Secure Anti-Virus 2007 * F-Secure Anti-Virus 2006 * F-Secure Client Security 7.12 and earlier * F-Secure Anti-Virus for Workstations 7.11 and earlier * F-Secure Linux Security 7.01 and earlier * F-Secure Anti-Virus Linux Client Security 5.54 and earlier * Solutions based on F-Secure Protection Service for Consumers version 8.00 and earlier * Solutions based on F-Secure Protection Service for Business version 3.10 and earlier * F-Secure Home Server Security 2009 * F-Secure Anti-Virus for Windows Servers 8.00 and earlier * F-Secure Anti-Virus for Citrix Servers 7.00 and earlier * F-Secure Linux Security 7.01 and earlier * F-Secure Anti-Virus Linux Server Security 5.54 and earlier * F-Secure Anti-Virus for Linux Servers 4.65 * F-Secure Anti-Virus for Microsoft Exchange 7.10 and earlier * F-Secure Internet Gatekeeper for Windows 6.61 and earlier * F-Secure Internet Gatekeeper for Linux 2.16 and earlier * F-Secure Anti-Virus for Linux Gateways 4.65 * F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier * F-Secure Messaging Security Gateway 5.0.4 and earlier
SOLUTION: Apply patches (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor credits Tamas Feher.
ORIGINAL ADVISORY: FSC-2008-3: http://www.f-secure.com/security/fsc-2008-3.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200902-0191",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "f-secure client security",
"scope": "lte",
"trust": 1.8,
"vendor": "f secure",
"version": "7.12"
},
{
"model": "f-secure home server security",
"scope": "eq",
"trust": 1.8,
"vendor": "f secure",
"version": "2009"
},
{
"model": "f-secure linux security",
"scope": "lte",
"trust": 1.8,
"vendor": "f secure",
"version": "7.01"
},
{
"model": "f-secure messaging security gateway",
"scope": "lte",
"trust": 1.8,
"vendor": "f secure",
"version": "5.0.4"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.6,
"vendor": "f secure",
"version": "2009"
},
{
"model": "f-secure anti-virus for microsoft exchange",
"scope": "eq",
"trust": 1.6,
"vendor": "f secure",
"version": "6.62"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.6,
"vendor": "f secure",
"version": "7.02"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.6,
"vendor": "f secure",
"version": "2008"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.6,
"vendor": "f secure",
"version": "7.02"
},
{
"model": "f-secure messaging security gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "f secure",
"version": "4.0.7"
},
{
"model": "f-secure anti-virus linux client security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "5.53"
},
{
"model": "f-secure anti-virus linux server security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "5.30"
},
{
"model": "f-secure protection service for consumers",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "5.00"
},
{
"model": "f-secure anti-virus linux client security",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "5.54"
},
{
"model": "f-secure anti-virus for workstations",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "7.10"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "2007"
},
{
"model": "f-secure anti-virus linux client security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "5.52"
},
{
"model": "f-secure anti-virus for mimesweeper",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "5.61"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "2008"
},
{
"model": "f-secure anti-virus for microsoft exchange",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "2006"
},
{
"model": "f-secure protection service for business",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "3.10"
},
{
"model": "f-secure anti-virus linux client security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "5.30"
},
{
"model": "f-secure protection service for consumers",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "f-secure anti-virus for microsoft exchange",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "7.10"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "2007"
},
{
"model": "f-secure anti-virus for citrix servers",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "f-secure protection service for business",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "3.00"
},
{
"model": "f-secure anti-virus for workstations",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "7.11"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "2009"
},
{
"model": "f-secure anti-virus for windows servers",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "8.00"
},
{
"model": "f-secure internet gatekeeper for linux",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "2.16"
},
{
"model": "f-secure anti-virus linux server security",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "5.54"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "2006"
},
{
"model": "f-secure protection service for consumers",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "8.00"
},
{
"model": "f-secure client security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "7.11"
},
{
"model": "f-secure internet gatekeeper for windows",
"scope": "lte",
"trust": 1.0,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "f-secure anti-virus linux server security",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "5.52"
},
{
"model": "f-secure protection service for consumers",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "6.00"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "f secure",
"version": "2006 - 2009"
},
{
"model": "f-secure anti-virus",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for citrix servers 7.00"
},
{
"model": "f-secure anti-virus",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for microsoft exchange 7.10"
},
{
"model": "f-secure anti-virus",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for mimesweeper 5.61"
},
{
"model": "f-secure anti-virus",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for windows servers 8.00"
},
{
"model": "f-secure anti-virus",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for workstations 7.11"
},
{
"model": "f-secure anti-virus",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "linux client security 5.54"
},
{
"model": "f-secure anti-virus",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "linux server security 5.54"
},
{
"model": "f-secure internet gatekeeper",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for linux 2.16"
},
{
"model": "f-secure internet gatekeeper",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for windows 6.61"
},
{
"model": "f-secure internet security",
"scope": "eq",
"trust": 0.8,
"vendor": "f secure",
"version": "2006 - 2009"
},
{
"model": "f-secure protection service",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for business version 3.10"
},
{
"model": "f-secure protection service",
"scope": "lte",
"trust": 0.8,
"vendor": "f secure",
"version": "for consumers version 8.00"
},
{
"model": "f-secure internet gatekeeper for windows",
"scope": "eq",
"trust": 0.6,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "f-secure messaging security gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "f secure",
"version": "5.0.4"
},
{
"model": "f-secure internet gatekeeper for linux",
"scope": "eq",
"trust": 0.6,
"vendor": "f secure",
"version": "2.16"
},
{
"model": "f-secure anti-virus for mimesweeper",
"scope": "eq",
"trust": 0.6,
"vendor": "f secure",
"version": "5.61"
},
{
"model": "messaging security gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.0.4"
},
{
"model": "linux security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.01"
},
{
"model": "internet security second edition",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "20070"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "20060"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2008"
},
{
"model": "internet security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2007"
},
{
"model": "internet gatekeeper for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2.15.484"
},
{
"model": "internet gatekeeper for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2.14"
},
{
"model": "internet gatekeeper for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2.6"
},
{
"model": "internet gatekeeper for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2.06"
},
{
"model": "internet gatekeeper for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2.16"
},
{
"model": "internet gatekeeper for linux",
"scope": null,
"trust": 0.3,
"vendor": "f secure",
"version": null
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.42"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.41"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.400"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.32"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.31"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.3"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "internet gatekeeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.50"
},
{
"model": "home server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2009"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.12"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.11"
},
{
"model": "client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "0"
},
{
"model": "anti-virus linux server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.11"
},
{
"model": "anti-virus linux server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.04"
},
{
"model": "anti-virus linux server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.01"
},
{
"model": "anti-virus linux server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.0"
},
{
"model": "anti-virus linux server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.54"
},
{
"model": "anti-virus linux server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.52"
},
{
"model": "anti-virus linux server security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.30"
},
{
"model": "anti-virus linux client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.11"
},
{
"model": "anti-virus linux client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.0.4"
},
{
"model": "anti-virus linux client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.01"
},
{
"model": "anti-virus linux client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.0"
},
{
"model": "anti-virus linux client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.54"
},
{
"model": "anti-virus linux client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.52"
},
{
"model": "anti-virus linux client security",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.30"
},
{
"model": "anti-virus for workstations",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.44"
},
{
"model": "anti-virus for workstations",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.43"
},
{
"model": "anti-virus for workstations",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.42"
},
{
"model": "anti-virus for workstations",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.41"
},
{
"model": "anti-virus for workstations",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.40"
},
{
"model": "anti-virus for workstations",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.11"
},
{
"model": "anti-virus for workstations",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "anti-virus for windows servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.52"
},
{
"model": "anti-virus for windows servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.50"
},
{
"model": "anti-virus for windows servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.42"
},
{
"model": "anti-virus for windows servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.41"
},
{
"model": "anti-virus for windows servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "8.00"
},
{
"model": "anti-virus for windows servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.40"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.31"
},
{
"model": "anti-virus for ms exchange service release",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.301"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.21"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.30"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.2"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.01"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.10"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.62"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.61"
},
{
"model": "anti-virus for ms exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "6.60"
},
{
"model": "anti-virus for mimesweeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.61"
},
{
"model": "anti-virus for mimesweeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.51"
},
{
"model": "anti-virus for mimesweeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.50"
},
{
"model": "anti-virus for mimesweeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.42"
},
{
"model": "anti-virus for mimesweeper",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.41"
},
{
"model": "anti-virus for linux servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.64"
},
{
"model": "anti-virus for linux servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.61"
},
{
"model": "anti-virus for linux servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.52"
},
{
"model": "anti-virus for linux servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.51"
},
{
"model": "anti-virus for linux servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.65"
},
{
"model": "anti-virus for linux gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.64"
},
{
"model": "anti-virus for linux gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.61"
},
{
"model": "anti-virus for linux gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.52"
},
{
"model": "anti-virus for linux gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.51"
},
{
"model": "anti-virus for linux gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2.16"
},
{
"model": "anti-virus for linux gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "4.65"
},
{
"model": "anti-virus for linux gateways",
"scope": null,
"trust": 0.3,
"vendor": "f secure",
"version": null
},
{
"model": "anti-virus for citrix servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.52"
},
{
"model": "anti-virus for citrix servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "5.5"
},
{
"model": "anti-virus for citrix servers",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "7.00"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "20070"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "20060"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2008"
},
{
"model": "anti-virus second edition",
"scope": "eq",
"trust": 0.3,
"vendor": "f secure",
"version": "2007"
}
],
"sources": [
{
"db": "BID",
"id": "31846"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:second:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_linux_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:6.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:5.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_home_server_security:2009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_windows_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:6.62:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.61",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:second:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "3.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:3.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:7.02:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_client_security:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_client_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.12",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:7.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_citrix_servers:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.00",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_mimesweeper:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.0.4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:4.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-6085"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tamas Feher",
"sources": [
{
"db": "BID",
"id": "31846"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
],
"trust": 0.9
},
"cve": "CVE-2008-6085",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.6,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-6085",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 4.9,
"id": "VHN-36210",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-6085",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200902-131",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-36210",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36210"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow. Multiple F-Secure products are prone to an integer-overflow vulnerability because the applications fail to properly handle malformed RPM files. \nSuccessfully exploiting this issue allows remote attackers to execute arbitrary code in the context of the vulnerable applications. Failed exploit attempts will likely cause denial-of-service conditions. Both F-Secure Internet Gatekeeper and F-Secure Anti-Virus are anti-virus products released by an anti-virus software manufacturer in Finland. ----------------------------------------------------------------------\n\nDo you need accurate and reliable IDS / IPS / AV detection rules?\n\nGet in-depth vulnerability details:\nhttp://secunia.com/binary_analysis/sample_analysis/\n\n----------------------------------------------------------------------\n\nTITLE:\nF-Secure Products RPM Parsing Integer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA32352\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/32352/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nF-Secure Messaging Security Gateway X-Series\nhttp://secunia.com/advisories/product/8997/\nF-Secure Messaging Security Gateway P-Series\nhttp://secunia.com/advisories/product/8998/\n\nSOFTWARE:\nF-Secure Internet Security 2008\nhttp://secunia.com/advisories/product/17555/\nF-Secure Internet Security 2007\nhttp://secunia.com/advisories/product/14375/\nF-Secure Internet Security 2006\nhttp://secunia.com/advisories/product/6883/\nF-Secure Internet Gatekeeper for Linux 2.x\nhttp://secunia.com/advisories/product/4635/\nF-Secure Internet Gatekeeper 6.x\nhttp://secunia.com/advisories/product/3339/\nF-Secure Client Security 7.x\nhttp://secunia.com/advisories/product/14381/\nF-Secure Anti-Virus Linux Server Security 5.x\nhttp://secunia.com/advisories/product/14376/\nF-Secure Anti-Virus Linux Client Security 5.x\nhttp://secunia.com/advisories/product/14377/\nF-Secure Anti-Virus for Workstations 7.x\nhttp://secunia.com/advisories/product/14226/\nF-Secure Anti-Virus for Workstations 5.x\nhttp://secunia.com/advisories/product/457/\nF-Secure Anti-Virus for Windows Servers 8.x\nhttp://secunia.com/advisories/product/18966/\nF-Secure Anti-Virus for Windows Servers 7.x\nhttp://secunia.com/advisories/product/14382/\nF-Secure Anti-Virus for MIMEsweeper 5.x\nhttp://secunia.com/advisories/product/455/\nF-Secure Anti-Virus for Microsoft Exchange 7.x\nhttp://secunia.com/advisories/product/14551/\nF-Secure Anti-Virus for Microsoft Exchange 6.x\nhttp://secunia.com/advisories/product/454/\nF-Secure Anti-Virus for Linux Gateways 4.x\nhttp://secunia.com/advisories/product/14550/\nF-Secure Anti-Virus for Linux 4.x\nhttp://secunia.com/advisories/product/3165/\nF-Secure Anti-Virus for Citrix Servers 5.x\nhttp://secunia.com/advisories/product/5198/\nF-Secure Anti-Virus 2008\nhttp://secunia.com/advisories/product/17554/\nF-Secure Anti-Virus 2007\nhttp://secunia.com/advisories/product/14374/\nF-Secure Anti-Virus 2006\nhttp://secunia.com/advisories/product/6882/\nF-Secure Linux Security 7.x\nhttp://secunia.com/advisories/product/20199/\nF-Secure Home Server Security 2009\nhttp://secunia.com/advisories/product/20200/\nF-Secure Anti-Virus for Citrix Servers 7.x\nhttp://secunia.com/advisories/product/20201/\n\nDESCRIPTION:\nA vulnerability has been reported in various F-Secure products, which\npotentially can be exploited by malicious people to compromise a\nvulnerable system. \n\nThe vulnerability is caused due to an integer overflow error when\nparsing RPM files. This can be exploited to cause a buffer overflow\nvia a specially crafted RPM file. \n\nThe vulnerability is reported in the following products:\n* F-Secure Internet Security 2008\n* F-Secure Internet Security 2007 Second Edition\n* F-Secure Internet Security 2007\n* F-Secure Internet Security 2006\n* F-Secure Anti-Virus 2008\n* F-Secure Anti-Virus 2007 Second Edition\n* F-Secure Anti-Virus 2007\n* F-Secure Anti-Virus 2006\n* F-Secure Client Security 7.12 and earlier\n* F-Secure Anti-Virus for Workstations 7.11 and earlier\n* F-Secure Linux Security 7.01 and earlier\n* F-Secure Anti-Virus Linux Client Security 5.54 and earlier\n* Solutions based on F-Secure Protection Service for Consumers\nversion 8.00 and earlier\n* Solutions based on F-Secure Protection Service for Business version\n3.10 and earlier\n* F-Secure Home Server Security 2009\n* F-Secure Anti-Virus for Windows Servers 8.00 and earlier\n* F-Secure Anti-Virus for Citrix Servers 7.00 and earlier\n* F-Secure Linux Security 7.01 and earlier\n* F-Secure Anti-Virus Linux Server Security 5.54 and earlier\n* F-Secure Anti-Virus for Linux Servers 4.65\n* F-Secure Anti-Virus for Microsoft Exchange 7.10 and earlier\n* F-Secure Internet Gatekeeper for Windows 6.61 and earlier\n* F-Secure Internet Gatekeeper for Linux 2.16 and earlier\n* F-Secure Anti-Virus for Linux Gateways 4.65\n* F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier\n* F-Secure Messaging Security Gateway 5.0.4 and earlier\n\nSOLUTION:\nApply patches (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Tamas Feher. \n\nORIGINAL ADVISORY:\nFSC-2008-3:\nhttp://www.f-secure.com/security/fsc-2008-3.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"db": "BID",
"id": "31846"
},
{
"db": "VULHUB",
"id": "VHN-36210"
},
{
"db": "PACKETSTORM",
"id": "71098"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-6085",
"trust": 2.8
},
{
"db": "BID",
"id": "31846",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "32352",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2008-2874",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1021073",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423",
"trust": 0.8
},
{
"db": "XF",
"id": "46016",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200902-131",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-36210",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "71098",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36210"
},
{
"db": "BID",
"id": "31846"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"db": "PACKETSTORM",
"id": "71098"
},
{
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
]
},
"id": "VAR-200902-0191",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-36210"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:23:01.529000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "fsc-2008-3",
"trust": 0.8,
"url": "http://www.f-secure.com/en_emea/support/security-advisory/fsc-2008-3.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36210"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"db": "NVD",
"id": "CVE-2008-6085"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/31846"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1021073"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/32352"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-6085"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-6085"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/46016"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/2874"
},
{
"trust": 0.3,
"url": "http://www.f-secure.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/binary_analysis/sample_analysis/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/6883/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/3339/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/17555/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14377/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/4635/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/5198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20201/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/17554/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/18966/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14376/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14375/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/8998/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/455/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20199/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/20200/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/454/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14551/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/6882/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/457/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14382/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/8997/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14374/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14381/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14226/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/3165/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/32352/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/product/14550/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-36210"
},
{
"db": "BID",
"id": "31846"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"db": "PACKETSTORM",
"id": "71098"
},
{
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-36210"
},
{
"db": "BID",
"id": "31846"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"db": "PACKETSTORM",
"id": "71098"
},
{
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-02-06T00:00:00",
"db": "VULHUB",
"id": "VHN-36210"
},
{
"date": "2008-10-21T00:00:00",
"db": "BID",
"id": "31846"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"date": "2008-10-21T23:35:44",
"db": "PACKETSTORM",
"id": "71098"
},
{
"date": "2009-02-06T11:30:00.467000",
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"date": "2008-10-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-36210"
},
{
"date": "2015-04-16T17:52:00",
"db": "BID",
"id": "31846"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001423"
},
{
"date": "2017-08-08T01:33:43.657000",
"db": "NVD",
"id": "CVE-2008-6085"
},
{
"date": "2009-02-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "F-Secure Multiple antivirus products integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001423"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200902-131"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.