Lucene search
K
F-secureF-secure Internet Security

18 matches found

CVE
CVE
added 2004/05/05 4:0 a.m.109 views

CVE-2004-0234

CVE-2004-0234: LHA 1.14 contains multiple stack-based buffer overflows in get_header() of header.c, allowing remote attackers or local users to execute arbitrary code via long directory/file names in an LHA archive. The issue affects LHA as used in products such as Barracuda Spam Firewall; overfl...

10CVSS7.5AI score0.10262EPSS
Web
CVE
CVE
added 2004/05/05 4:0 a.m.100 views

CVE-2004-0235

CVE-2004-0235 impacts LHa (LHA) 1.14.x releases. Multiple directory traversal vulnerabilities allow remote attackers or local users to create arbitrary files via an archive containing filenames with .. sequences or absolute paths (//absolute/path). The issue affects LHA 1.14 (and related variants...

6.4CVSS6.5AI score0.04122EPSS
Web
CVE
CVE
added 2010/04/15 9:12 p.m.83 views

CVE-2010-1425

Summary: CVE-2010-1425 affects F-Secure and related antivirus products, whose scanning engines fail to detect malware in specially crafted 7Z, GZIP, CAB, and RAR archives. The issue enables remote malware delivery by archive content evasion, impacting several F-Secure offerings (including Interne...

5CVSS6.8AI score0.02151EPSS
CVE
CVE
added 2006/01/21 12:0 a.m.73 views

CVE-2006-0338

The CVE-2006-0338 entry applies to multiple F-Secure Anti-Virus products on Windows and Linux (Windows Servers 5.52 and earlier; Internet Security 2004–2006; Linux Servers 4.64 and earlier). The vulnerability stems from how ZIP and RAR archives are handled, with malformed archives not being scann...

5CVSS6.9AI score0.02992EPSS
CVE
CVE
added 2008/03/20 10:0 a.m.69 views

CVE-2008-1412

CVE-2008-1412 describes an unspecified vulnerability in multiple F-Secure antivirus products (notably Internet Security 2006–2008 and Anti-Virus 2006–2008) where a malformed archive triggers an unhandled exception, allowing a remote attacker to cause a crash or execute arbitrary code. The issue i...

6.8CVSS9.7AI score0.03603EPSS
CVE
CVE
added 2007/05/31 11:0 p.m.66 views

CVE-2007-2966

CVE-2007-2966 describes a buffer overflow in the LHA decompression component of F-Secure antivirus products for Windows and Linux (pre-20070529). The flaw is triggered by a crafted LHA archive and is tied to an integer wrap issue, enabling remote attackers to potentially execute arbitrary code or...

7.5CVSS7.7AI score0.05208EPSS
CVE
CVE
added 2007/05/31 11:0 p.m.62 views

CVE-2007-2967

The CVE-2007-2967 entry affects multiple F‑Secure antivirus products for Windows and Linux prior to 20070522. The vulnerability is a denial of service via crafted ARJ archives or FSG packed files that can cause a file-scanning infinite loop within the scanner component. Impact is a complete denia...

10CVSS6.8AI score0.04789EPSS
CVE
CVE
added 2008/02/15 1:0 a.m.62 views

CVE-2008-0792

CVE-2008-0792 affects multiple F-Secure antivirus products (Internet Security 2006–2008, Anti-Virus 2006–2008, F-Secure Protection Service, and others). The vulnerability allows remote attackers to bypass malware detection by presenting a crafted CAB archive. The documents do not provide exploit ...

5.8CVSS6.5AI score0.02175EPSS
CVE
CVE
added 2009/02/06 11:0 a.m.62 views

CVE-2008-6085

CVE-2008-6085 describes an integer overflow in multiple F-Secure products (e.g., Internet Security 2006–2008, Anti-Virus 2006–2008) when scanning inside compressed archives. A crafted RPM archive can trigger a buffer overflow, allowing a remote attacker to execute arbitrary code. The vulnerabilit...

7.6CVSS8.1AI score0.05535EPSS
CVE
CVE
added 2005/02/11 5:0 a.m.61 views

CVE-2005-0350

CVE-2005-0350 describes a heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products. The vulnerability allows a remote attacker to execute arbitrary code by sending a crafted ARJ archive. The CVSS metrics indicate a network-exposed, low-attack-complexity issue with...

7.5CVSS8.4AI score0.03281EPSS
CVE
CVE
added 2007/05/31 11:0 p.m.60 views

CVE-2007-2965

CVE-2007-2965 concerns the Real-time Scanning component across multiple F-Secure products (Internet Security 2005–2007, Anti-Virus 2005–2007, and related Protection Service for Consumers 6.40 and earlier). The root cause is improper validation in IOCTL/I/O space handling, allowing a crafted I/O r...

7.2CVSS6.5AI score0.00353EPSS
CVE
CVE
added 2008/02/22 10:0 p.m.60 views

CVE-2008-0910

CVE-2008-0910 is connected to F-Secure antivirus products (Internet Security 2006–2008, Anti-Virus 2006–2008, F-Secure Protection Service, and related products). The related entries in CVE-2008-0792 describe a vulnerability where remote attackers can bypass malware detection by presenting a craft...

7.5CVSS6.6AI score0.02517EPSS
CVE
CVE
added 2006/07/10 10:0 p.m.59 views

CVE-2006-3489

CVE-2006-3489 affects F-Secure products: Anti-Virus 2003–2006, Internet Security 2003–2006, and Service Platform for Service Providers 6.x and earlier. The vulnerability allows remote attackers to bypass anti-virus scanning by using a crafted filename. The available sources confirm the affected p...

5CVSS7AI score0.01577EPSS
CVE
CVE
added 2005/08/20 4:0 a.m.57 views

CVE-2004-2442

CVE-2004-2442 covers a multiple interpretation error in several F-Secure Anti-Virus products (including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, and Anti-Virus for Linux/Gateways 4.61 and earlier). The issue allows remote attackers to bypass an...

5CVSS6.6AI score0.10639EPSS
CVE
CVE
added 2005/08/18 4:0 a.m.56 views

CVE-2004-2405

CVE-2004-2405 describes a buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, triggered by a malformed LHA archive. Impact stated: remote attackers could bypass scanning or cause a denial of service (crash or module restart), depending on the ...

6.4CVSS7.4AI score0.01716EPSS
CVE
CVE
added 2006/01/21 12:0 a.m.54 views

CVE-2006-0337

CVE-2006-0337 affects F-Secure Anti-Virus products for Windows and Linux (e.g., Windows Servers 5.52 and earlier; Internet Security 2004–2006; Linux Servers 4.64 and earlier). The vulnerability is a buffer overflow triggered by specially crafted ZIP archives, allowing remote code execution. Repor...

7.5CVSS8AI score0.05823EPSS
CVE
CVE
added 2006/07/10 10:0 p.m.53 views

CVE-2006-3490

CVE-2006-3490 affects F-Secure Anti-Virus 2003–2006, Internet Security 2003–2006, and Service Platform for Service Providers 6.x and earlier. The issue is that the products do not scan files on removable media when the option “Scan network drives” is disabled, which can allow remote attackers to ...

5CVSS7.1AI score0.01577EPSS
CVE
CVE
added 2007/06/20 10:0 p.m.53 views

CVE-2007-3300

CVE-2007-3300 affects multiple F-Secure anti-virus products for Windows and Linux prior to 20070619. The vulnerability allows remote attackers to bypass scanning by exploiting a crafted header in (1) LHA or (2) RAR archives. Root cause is a flaw in header handling that enables bypass of the antiv...

9.3CVSS6.7AI score0.03711EPSS