Note:
This project will be discontinued after December 13, 2021. [more]
Product:
F\-Secure_anti\-Virus
(F\-Secure)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 36 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2007-05-31 | CVE-2007-2965 | Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space." | F\-Secure_anti\-Virus, F\-Secure_anti\-Virus_client_security, F\-Secure_anti\-Virus_linux_client_security, F\-Secure_anti\-Virus_linux_server_security, F\-Secure_internet_security, F\-Secure_protection_service, Internet_gatekeeper | N/A | ||
| 2007-03-21 | CVE-2007-1557 | Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page. | F\-Secure_anti\-Virus | N/A | ||
| 2006-12-10 | CVE-2006-6409 | F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | F\-Secure_anti\-Virus | N/A | ||
| 2006-07-10 | CVE-2006-3490 | F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls. | F\-Secure_anti\-Virus, F\-Secure_internet_security, F\-Secure_service_platform_for_service_providers | N/A | ||
| 2006-07-10 | CVE-2006-3489 | F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename. | F\-Secure_anti\-Virus, F\-Secure_internet_security, F\-Secure_service_platform_for_service_providers | N/A | ||
| 2006-06-06 | CVE-2006-2838 | Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host. | F\-Secure_anti\-Virus, Internet_gatekeeper | N/A | ||
| 2006-01-20 | CVE-2006-0338 | Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned. | F\-Secure_anti\-Virus, F\-Secure_internet_security, F\-Secure_personal_express, Internet_gatekeeper | N/A | ||
| 2006-01-20 | CVE-2006-0337 | Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. | F\-Secure_anti\-Virus, F\-Secure_internet_security, Internet_gatekeeper, Solutions_based_on_f\-Secure_personal_express | N/A | ||
| 2005-11-18 | CVE-2005-3664 | Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file. | F\-Secure_anti\-Virus, Kaspersky_anti\-Virus, Kaspersky_anti\-Virus_personal | N/A | ||
| 2005-11-16 | CVE-2005-3546 | suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege. | F\-Secure_anti\-Virus, Internet_gatekeeper | N/A |