Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0338

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-0338
Last Modified 07 Mar 2011 09:29:48
Published 20 Jan 2006 07:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0338

Summary

Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.

Vulnerable Systems

Application

  • F-secure Anti-virus 2003

  • F-secure Anti-virus 2004

  • F-secure Anti-virus 2005

  • F-secure Anti-virus 4.51

  • F-secure Anti-virus 4.52

  • F-secure Anti-virus 4.60

  • F-secure Anti-virus 4.61

  • F-secure Anti-virus 4.62

  • F-secure Anti-virus 4.64

  • F-secure Anti-virus 5.0

  • F-secure Anti-virus 5.11

  • F-secure Anti-virus 5.41

  • F-secure Anti-virus 5.42

  • F-secure Anti-virus 5.43

  • F-secure Anti-virus 5.44

  • F-secure Anti-virus 5.5

  • F-secure Anti-virus 5.52

  • F-secure Anti-virus 5.55

  • F-secure Anti-virus 6.01

  • F-secure Anti-virus 6.2

  • F-secure Anti-virus 6.21

  • F-secure Anti-virus 6.30

  • F-secure Anti-virus 6.30 Sr1

  • F-secure Anti-virus 6.31

  • F-secure Anti-virus 6.40

  • F-secure Internet Gatekeeper 2.06

  • F-secure Internet Gatekeeper 2.14

  • F-secure Internet Gatekeeper 6.32

  • F-secure Internet Gatekeeper 6.41

  • F-secure Internet Gatekeeper 6.42

  • F-secure Internet Security 2004

  • F-secure Internet Security 2005

  • F-secure Internet Security 2006

  • F-secure Personal Express 4.5

  • F-secure Personal Express 4.6

  • F-secure Personal Express 4.7

  • F-secure Personal Express 5.0


References

BID - 16309

CONFIRM - http://www.f-secure.com/security/fsc-2006-1.shtml

SECUNIA - 18529

VUPEN - ADV-2006-0257

OSVDB - 22633

CIAC - Q-103

SECTRACK - 1015510

SECTRACK - 1015509

SECTRACK - 1015508

SECTRACK - 1015507

XF - fsecure-rar-zip-scan-bypass(24199)


Last Updated: 27 May 2016 10:41:36