Vulnerabilities > F Secure > Internet Gatekeeper
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-28 | CVE-2021-33601 | Unspecified vulnerability in F-Secure Internet Gatekeeper A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. | 6.5 |
2020-02-22 | CVE-2020-9342 | Improper Input Validation vulnerability in F-Secure products The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. | 4.3 |
2011-02-18 | CVE-2011-0453 | Improper Authentication vulnerability in F-Secure Internet Gatekeeper 3.02.1221 F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port. | 5.0 |
2010-04-15 | CVE-2010-1425 | Denial-Of-Service vulnerability in F-Secure Anti-Virus F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection. | 5.0 |
2009-05-22 | CVE-2009-1782 | Unspecified vulnerability in F-Secure products Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and earlier; Internet Security 2009 and earlier, Anti-Virus 2009 and earlier, Client Security 8.0 and earlier, and others; allow remote attackers to bypass malware detection via a crafted (1) ZIP and (2) RAR archive. network f-secure | 6.8 |
2007-06-20 | CVE-2007-3300 | Anti-Virus Products LHA and RAR Archives Scan Bypass vulnerability in F-Secure Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive. | 9.3 |
2007-05-31 | CVE-2007-2967 | Improper Input Validation vulnerability in F-Secure products Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files. | 10.0 |
2007-05-31 | CVE-2007-2966 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in F-Secure products Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. | 7.5 |
2007-05-31 | CVE-2007-2965 | Local Security vulnerability in Internet Gatekeeper Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space." | 7.2 |
2006-06-06 | CVE-2006-2838 | Denial-Of-Service vulnerability in F-Secure Anti-Virus and Internet Gatekeeper Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. | 7.6 |