CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
Low
EPSS
Percentile
84.5%
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.
Vendor | Product | Version | CPE |
---|---|---|---|
f-secure | f-secure_anti-virus | 4.51 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.51 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.60 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.61 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.61 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.62 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.64 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:* |
secunia.com/advisories/18529
securitytracker.com/id?1015507
securitytracker.com/id?1015508
securitytracker.com/id?1015509
securitytracker.com/id?1015510
www.ciac.org/ciac/bulletins/q-103.shtml
www.f-secure.com/security/fsc-2006-1.shtml
www.osvdb.org/22633
www.securityfocus.com/bid/16309
www.vupen.com/english/advisories/2006/0257
exchange.xforce.ibmcloud.com/vulnerabilities/24199