CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
96.1%
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
Vendor | Product | Version | CPE |
---|---|---|---|
f-secure | f-secure_anti-virus | 2.16 | cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.51 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.51 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.51 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.52 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.61 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.61 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:* |
f-secure | f-secure_anti-virus | 4.62 | cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:* |
secunia.com/advisories/18529
securitytracker.com/id?1015507
securitytracker.com/id?1015508
securitytracker.com/id?1015509
securitytracker.com/id?1015510
www.ciac.org/ciac/bulletins/q-103.shtml
www.f-secure.com/security/fsc-2006-1.shtml
www.osvdb.org/22632
www.securityfocus.com/bid/16309
www.vupen.com/english/advisories/2006/0257
exchange.xforce.ibmcloud.com/vulnerabilities/24198