Lucene search

[email protected]CVE-2008-1412

HistoryMar 20, 2008 - 10:44 a.m.

CVE-2008-1412

2008-03-2010:44:00

NVD-CWE-noinfo

CWE-20

[email protected]

web.nvd.nist.gov

f-secure

antivirus

vulnerability

remote code execution

denial of service

malformed archive

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

95.0%

JSON

Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats.

CPENameOperatorVersion
f-secure:f-secure_mobile_antivirus_for_windows_mobilef-secure f-secure mobile antivirus for windows mobileeq2003
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq2007
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq2008
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq2006
f-secure:f-secure_anti-virus_for_workstationsf-secure f-secure anti-virus for workstationsle7.11
f-secure:f-secure_internet_securityf-secure f-secure internet securityeq2008
f-secure:f-secure_protection_service_for_businessf-secure f-secure protection service for businessle3.10
f-secure:f-secure_protection_service_for_consumersf-secure f-secure protection service for consumersle7.00
f-secure:f-secure_client_securityf-secure f-secure client securityle7.11
f-secure:f-secure_mobile_security_for_series_80f-secure f-secure mobile security for series 80eq*

CPE	Name	Operator	Version
f-secure:f-secure_mobile_antivirus_for_windows_mobile	f-secure f-secure mobile antivirus for windows mobile	eq	2003
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	2007
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	2008
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	2006
f-secure:f-secure_anti-virus_for_workstations	f-secure f-secure anti-virus for workstations	le	7.11
f-secure:f-secure_internet_security	f-secure f-secure internet security	eq	2008
f-secure:f-secure_protection_service_for_business	f-secure f-secure protection service for business	le	3.10
f-secure:f-secure_protection_service_for_consumers	f-secure f-secure protection service for consumers	le	7.00
f-secure:f-secure_client_security	f-secure f-secure client security	le	7.11
f-secure:f-secure_mobile_security_for_series_80	f-secure f-secure mobile security for series 80	eq	*

Rows per page:

1-10 of 181

References

secunia.com/advisories/29397

support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml

support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml

www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html

www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/

www.f-secure.com/security/fsc-2008-2.shtml

www.securityfocus.com/bid/28282

www.securitytracker.com/id?1019618

www.securitytracker.com/id?1019619

www.securitytracker.com/id?1019620

www.vupen.com/english/advisories/2008/0903/references

exchange.xforce.ibmcloud.com/vulnerabilities/41234

8.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.104 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2008-1412

prion1 cvelist1 nessus1 kitploit1