F-Secure Products Archive Handling Code Execution Vulnerabilities
Last Update Date:
28 Jan 2011
Release Date:
18 Mar 2008
5576
Views
RISK: Medium Risk
Multiple vulnerabilities have been identified in various F-Secure products, which could be exploited by attackers or malware to cause a denial of service or take complete control of an affected system. These issues are caused by memory corruption errors when processing malformed archives, which could be exploited to crash an affected application or execute arbitrary code via a specially crafted archive.
Impact
- Denial of Service
- Remote Code Execution
System / Technologies affected
- F-Secure Internet Security 2008
- F-Secure Internet Security 2007
- F-Secure Internet Security 2007 Second Edition
- F-Secure Internet Security 2006
- F-Secure Anti-Virus 2008
- F-Secure Anti-Virus 2007
- F-Secure Anti-Virus 2007 Second Edition
- F-Secure Anti-Virus 2006
- F-Secure Client Security 7.11 and prior
- F-Secure Anti-Virus Client Security 6.04 and prior
- F-Secure Anti-Virus for Workstations 7.11 and prior
- F-Secure Anti-Virus Linux Client Security 5.54 and prior
- F-Secure Anti-Virus for Linux 4.65 and prior
- Solutions based on F-Secure Protection Service for Consumers version 7.00 and prior
- Solutions based on F-Secure Protection Service for Business version 3.10 and prior
- F-Secure Mobile Anti-Virus for S60 2nd edition
- F-Secure Mobile Anti-Virus for Windows Mobile 2003/5.0/6
- F-Secure Mobile Security for Series 80 RealPlayer version 11.0.1 (build 6.0.14.794) including rmoc3260.dll version 6.0.10.45
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Apply patches :
http://www.f-secure.com/security/fsc-2008-2.shtml
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with