Vulnerabilities > F Secure
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-01 | CVE-2007-5143 | Unspecified vulnerability in F-Secure Anti-Virus 7.00 F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. | 1.9 |
| 2007-06-20 | CVE-2007-3300 | Anti-Virus Products LHA and RAR Archives Scan Bypass vulnerability in F-Secure Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive. | 9.3 |
| 2007-05-31 | CVE-2007-2967 | Improper Input Validation vulnerability in F-Secure products Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files. | 10.0 |
| 2007-05-31 | CVE-2007-2966 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in F-Secure products Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. | 7.5 |
| 2007-05-31 | CVE-2007-2965 | Local Security vulnerability in Internet Gatekeeper Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space." | 7.2 |
| 2007-05-31 | CVE-2007-2964 | Remote Denial of Service vulnerability in F-Secure Policy Manager FSMSH.DLL The fsmsh.dll host module in F-Secure Policy Manager Server 7.00 and earlier allows remote attackers to cause a denial of service (application crash) via NTFS reserved words in filenames in URLs. | 5.0 |
| 2007-03-21 | CVE-2007-1557 | Local Format String vulnerability in F-Secure Anti-Virus 6.02 Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page. | 7.2 |
| 2006-12-10 | CVE-2006-6409 | Unspecified vulnerability in F-Secure Anti-Virus 4.65 F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. | 10.0 |
| 2006-07-10 | CVE-2006-3490 | Products Scan Evasion vulnerability in F-Secure products F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls. | 5.0 |
| 2006-07-10 | CVE-2006-3489 | Products Scan Evasion vulnerability in F-Secure products F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename. | 5.0 |