Vulnerabilities > CVE-2006-6409 - Unspecified vulnerability in F-Secure Anti-Virus 4.65

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

f-secure

critical

NVD

Published: 2006-12-10

Updated: 2018-10-17

Summary

F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

Vulnerable Configurations

Part	Description	Count
Application	F-Secure F Secure F Secure Anti Virus 4.65	1

References

http://www.quantenblog.net/security/virus-scanner-bypass
http://www.securityfocus.com/archive/1/453654/100/0/threaded
http://www.securityfocus.com/bid/21461