Vulnerabilities > CVE-2007-3300 - Anti-Virus Products LHA and RAR Archives Scan Bypass vulnerability in F-Secure

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

f-secure

critical

NVD

Published: 2007-06-20

Updated: 2017-07-29

Summary

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.

Vulnerable Configurations

Part	Description	Count
Application	F-Secure F Secure F Secure Anti Virus 2.16 F Secure F Secure Anti Virus 4.51 F Secure F Secure Anti Virus 4.52 F Secure F Secure Anti Virus 4.61 F Secure F Secure Anti Virus 4.64 F Secure F Secure Anti Virus 4.65 F Secure F Secure Anti Virus 5.0.2 F Secure F Secure Anti Virus 5.2.1 F Secure F Secure Anti Virus 5.3.0 F Secure F Secure Anti Virus 5.5 F Secure F Secure Anti Virus 5.40 F Secure F Secure Anti Virus 5.41 F Secure F Secure Anti Virus 5.42 F Secure F Secure Anti Virus 5.43 F Secure F Secure Anti Virus 5.44 F Secure F Secure Anti Virus 5.52 F Secure F Secure Anti Virus 5.54 F Secure F Secure Anti Virus 5.55 F Secure F Secure Anti Virus 5.56 F Secure F Secure Anti Virus 5.61 F Secure F Secure Anti Virus 6.01 F Secure F Secure Anti Virus 6.02 F Secure F Secure Anti Virus 6.2 F Secure F Secure Anti Virus 6.03 F Secure F Secure Anti Virus 6.21 F Secure F Secure Anti Virus 6.30 F Secure F Secure Anti Virus 6.30_Sr1 F Secure F Secure Anti Virus 6.31 F Secure F Secure Anti Virus 6.40 F Secure F Secure Anti Virus 6.60 F Secure F Secure Anti Virus 6.61 F Secure F Secure Anti Virus 7.00 F Secure F Secure Anti Virus 2005 F Secure F Secure Anti Virus 2006 F Secure F Secure Anti Virus 2007 F Secure F Secure Anti Virus Linux Client Security * F Secure F Secure Anti Virus Linux Server Security * F Secure F Secure Internet Security 2005 F Secure F Secure Internet Security 2006 F Secure F Secure Internet Security 2007 F Secure Internet Gatekeeper 2.06 F Secure Internet Gatekeeper 2.14 F Secure Internet Gatekeeper 2.15.484 F Secure Internet Gatekeeper 2.16 F Secure Internet Gatekeeper * F Secure Solutions Based ON F Secure Personal Express 6.20	58

Summary

Vulnerable Configurations

References