Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Internet_gatekeeper
(F\-Secure)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 47 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-23 | CVE-2022-28886 | A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine | Cloud_protection_for_salesforce, Collaboration_protection, Elements_endpoint_protection, Internet_gatekeeper, Linux_security | 5.5 | ||
| 2022-10-12 | CVE-2022-28887 | Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash. | Atlant, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Internet_gatekeeper, Linux_security, Linux_security_64 | 7.5 | ||
| 2020-02-22 | CVE-2020-9342 | The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper. | Cloud_protection_for_salesforce, Email_and_server_security, Internet_gatekeeper | 5.5 | ||
| 2021-09-28 | CVE-2021-33600 | A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product. | Internet_gatekeeper | 7.5 | ||
| 2021-09-28 | CVE-2021-33601 | A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server. | Internet_gatekeeper | 8.8 | ||
| 2021-10-06 | CVE-2021-33602 | A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. | Atlant, Cloud_protection, Internet_gatekeeper, Linux_security | 5.3 | ||
| 2021-10-08 | CVE-2021-33603 | A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. | Atlant, Cloud_protection_for_salesforce, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Elements_for_microsoft_365, Internet_gatekeeper, Linux_security | 6.5 | ||
| 2021-10-08 | CVE-2021-40832 | A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. | Atlant, Cloud_protection_for_salesforce, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Elements_for_microsoft_365, Internet_gatekeeper, Linux_security | 6.5 | ||
| 2021-11-26 | CVE-2021-40833 | A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. | Atlant, Elements_endpoint_protection, Internet_gatekeeper, Linux_security, Linux_security_64 | 5.5 | ||
| 2021-12-22 | CVE-2021-40836 | A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine. | Atlant, Elements_endpoint_detection_and_response, Elements_endpoint_protection, Internet_gatekeeper, Linux_security, Linux_security_64 | 5.5 |