Lucene search
MitreCVE-2007-3300HistoryJun 20, 2007 - 10:30 p.m.
CVE-2007-3300
2007-06-2022:30:00
mitre
web.nvd.nist.gov
27
cve-2007-3300
f-secure
antivirus
bypass
scanning
lha
rar
archive
security vulnerability
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.046
Percentile
92.7%
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
Affected configurations
Node
f-securef-secure_anti-virusMatch2.16linux_gateways
ORf-securef-secure_anti-virusMatch4.51linux_gateways
ORf-securef-secure_anti-virusMatch4.51linux_servers
ORf-securef-secure_anti-virusMatch4.52linux_gateways
ORf-securef-secure_anti-virusMatch4.52linux_servers
ORf-securef-secure_anti-virusMatch4.61linux_gateways
ORf-securef-secure_anti-virusMatch4.61linux_servers
ORf-securef-secure_anti-virusMatch4.64linux_gateways
ORf-securef-secure_anti-virusMatch4.64linux_servers
ORf-securef-secure_anti-virusMatch4.65linux_gateways
ORf-securef-secure_anti-virusMatch4.65linux_servers
ORf-securef-secure_anti-virusMatch5.0.2
ORf-securef-secure_anti-virusMatch5.2.1
ORf-securef-secure_anti-virusMatch5.3.0
ORf-securef-secure_anti-virusMatch5.5client_security
ORf-securef-secure_anti-virusMatch5.40workstations
ORf-securef-secure_anti-virusMatch5.41windows_servers
ORf-securef-secure_anti-virusMatch5.41workstations
ORf-securef-secure_anti-virusMatch5.42windows_servers
ORf-securef-secure_anti-virusMatch5.42workstations
ORf-securef-secure_anti-virusMatch5.43workstations
ORf-securef-secure_anti-virusMatch5.44workstations
ORf-securef-secure_anti-virusMatch5.52citrix_servers
ORf-securef-secure_anti-virusMatch5.52client_security
ORf-securef-secure_anti-virusMatch5.54client_security
ORf-securef-secure_anti-virusMatch5.55client_security
ORf-securef-secure_anti-virusMatch5.56
ORf-securef-secure_anti-virusMatch5.61mimesweeper
ORf-securef-secure_anti-virusMatch6.01client_security
ORf-securef-secure_anti-virusMatch6.01ms_exchange
ORf-securef-secure_anti-virusMatch6.02client_security
ORf-securef-secure_anti-virusMatch6.2ms_exchange
ORf-securef-secure_anti-virusMatch6.03client_security
ORf-securef-secure_anti-virusMatch6.21ms_exchange
ORf-securef-secure_anti-virusMatch6.30ms_exchange
ORf-securef-secure_anti-virusMatch6.30_sr1ms_exchange
ORf-securef-secure_anti-virusMatch6.31ms_exchange
ORf-securef-secure_anti-virusMatch6.40ms_exchange
ORf-securef-secure_anti-virusMatch6.60ms_exchange
ORf-securef-secure_anti-virusMatch6.61ms_exchange
ORf-securef-secure_anti-virusMatch7.00client_security
ORf-securef-secure_anti-virusMatch7.00ms_exchange
ORf-securef-secure_anti-virusMatch7.00windows_servers
ORf-securef-secure_anti-virusMatch7.00workstations
ORf-securef-secure_anti-virusMatch2005
ORf-securef-secure_anti-virusMatch2006
ORf-securef-secure_anti-virusMatch2007
ORf-securef-secure_anti-virus_linux_client_securityRange≤5.52
ORf-securef-secure_anti-virus_linux_server_securityRange≤5.52
ORf-securef-secure_internet_securityMatch2005
ORf-securef-secure_internet_securityMatch2006
ORf-securef-secure_internet_securityMatch2007
ORf-secureinternet_gatekeeperRange≤6.61
ORf-secureinternet_gatekeeperMatch2.06linux
ORf-secureinternet_gatekeeperMatch2.14linux
ORf-secureinternet_gatekeeperMatch2.15.484linux
ORf-secureinternet_gatekeeperMatch2.16linux
ORf-securesolutions_based_on_f-secure_personal_expressMatch6.20
| Vendor | Product | Version | CPE |
|---|---|---|---|
| f-secure | f-secure_anti-virus | 2.16 | cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.51 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.51 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.61 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.61 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.64 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.64 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:* |
| f-secure | f-secure_anti-virus | 4.65 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:* |
References
osvdb.org/36728
osvdb.org/36729
secunia.com/advisories/25738
www.f-secure.com/security/fsc-2007-5.shtml
www.securityfocus.com/bid/24525
www.securitytracker.com/id?1018266
www.securitytracker.com/id?1018267
www.securitytracker.com/id?1018268
www.vupen.com/english/advisories/2007/2247
exchange.xforce.ibmcloud.com/vulnerabilities/34942
Related
prion
prion
Authentication flaw
2007-06-20 22:30:00
cvelist
cvelist
CVE-2007-3300
2007-06-20 22:00:00
nvd
nvd
CVE-2007-3300
2007-06-20 22:30:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0.046
Percentile
92.7%
Related for CVE-2007-3300