F-Secure Products ActiveX Component Code Execution Vulnerability

Last Update Date: 26 Apr 2013 17:19 Release Date: 26 Apr 2013 4213 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

A vulnerability has been identified in multiple F-Secure products, which can be exploited by malicious people to compromise a user's system.

 
The vulnerability is caused due to an error within a bundled ActiveX control, which can be exploited to execute arbitrary SQL statements.

Impact

  • Remote Code Execution

System / Technologies affected

  • F-Secure Anti-Virus for Windows Servers 9.00
  • F-Secure Anti-Virus for Microsoft Exchange Server 9.00 - 9.10
  • F-Secure Anti-Virus for Citrix Servers 9.00
  • F-Secure Email and Server Security 9.20
  • F-Secure Server Security 9.20
  • Solutions based on F-Secure Protection Service for Business Email and Server Security 9.20
  • Solutions based on F-Secure Protection Service for Business Server Security 9.20

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply updates

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

WordPress WP Super Cache Plugin PHP Code Execution Vulnerability

26 Apr 2013 4411 Views

Next

Citrix NetScaler / Access Gateway Security Bypass Vulnerability

29 Apr 2013 4290 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY