Vulnerabilities > CVE-2006-3490 - Products Scan Evasion vulnerability in F-Secure products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.
Vulnerable Configurations
References
- http://secunia.com/advisories/20858
- http://securitytracker.com/id?1016400
- http://securitytracker.com/id?1016401
- http://www.f-secure.com/security/fsc-2006-4.shtml
- http://www.osvdb.org/26876
- http://www.securityfocus.com/bid/18693
- http://www.vupen.com/english/advisories/2006/2573
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27502