Design/Logic Flaw

2007-05-3123:30:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.169 Low

EPSS

Percentile

95.9%

JSON

Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335.

CPENameOperatorVersion
f-secure_anti-virusle5.61
f-secure_anti-viruseq2006
f-secure_anti-virusle5.52
f-secure_anti-viruseq2005
f-secure_anti-virusle4.65
f-secure_anti-virusle5.42
f-secure_anti-virusle6.40
f-secure_anti-viruseq2007
f-secure_anti-virusle5.44
f-secure_anti-virusle4.65

Name	Operator	Version
f-secure_anti-virus	le	5.61
f-secure_anti-virus	eq	2006
f-secure_anti-virus	le	5.52
f-secure_anti-virus	eq	2005
f-secure_anti-virus	le	4.65
f-secure_anti-virus	le	5.42
f-secure_anti-virus	le	6.40
f-secure_anti-virus	eq	2007
f-secure_anti-virus	le	5.44
f-secure_anti-virus	le	4.65