CVSS: 7.8EPSS: 0%CPEs: 19EXPL: 0CVE-2007-2965
https://notcve.org/view.php?id=CVE-2007-2965
31 May 2007 — Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space." Vulnerabilidad sin especificar en el componente Real-time Scanning en múltiples productos de... • http://osvdb.org/36727 •
CVSS: 7.8EPSS: 5%CPEs: 19EXPL: 0CVE-2007-2966
https://notcve.org/view.php?id=CVE-2007-2966
31 May 2007 — Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. Un desbordamiento de búfer en el componente de descompresión LHA en productos antivirus de F-Secure para Microsoft Windows y Linux anterior a versión 20070529, permite a los atacantes remotos e... • http://osvdb.org/36724 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 9%CPEs: 19EXPL: 0CVE-2007-2967
https://notcve.org/view.php?id=CVE-2007-2967
31 May 2007 — Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files. Varios productos antivirus de F-Secure para Microsoft Windows y Linux anterior a versión 20070522, permiten a los atacantes remotos causar una denegación de servicio (bucle infinito de escaneo de archivos) por medio de ciertos archivos ARJ (1) o (2) archivos empaquetados FSG. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1557
https://notcve.org/view.php?id=CVE-2007-1557
21 Mar 2007 — Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page. Vulnerabilidad de cadena de formato en F-Secure Anti-Virus Client Security 6.02 permite a usuarios locales provocar denegación de servicio y posiblemente ganar privilegos a través de especificaciones de formato de cadena en el campo nombre de Management Server s... • http://osvdb.org/34764 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6409
https://notcve.org/view.php?id=CVE-2006-6409
10 Dec 2006 — F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. F-Secure Anti-Virus para Linux Gateways 4.65 permite a atacantes remotos provocar una denegación de servicio (posiblemente error fatal de escaneado), y posiblemente evitar una detección de virus, insertando caracter... • http://www.quantenblog.net/security/virus-scanner-bypass •
CVSS: 7.5EPSS: 1%CPEs: 16EXPL: 0CVE-2006-3489
https://notcve.org/view.php?id=CVE-2006-3489
10 Jul 2006 — F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename. F-Secure Anti-Virus de 2003 a 2006 y otras versiones, Internet Security de 2003 a 2006 y Service Platform para Service Providers 6.x y anteriores permite a atacantes remotos evitar la búsqueda antivirus a través de un nombre de archivo manipulado. • http://secunia.com/advisories/20858 •
CVSS: 9.1EPSS: 1%CPEs: 16EXPL: 0CVE-2006-3490
https://notcve.org/view.php?id=CVE-2006-3490
10 Jul 2006 — F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls. F-Secure Anti-Virus 2003 a 2006 y otras versiones, Internet Security 2003 a 2006 y Service Platform for Service Providers 6.x y anteriores no escanean archivos ubicados en medios extraíbles cuando la opción "... • http://secunia.com/advisories/20858 •
CVSS: 9.8EPSS: 7%CPEs: 5EXPL: 0CVE-2006-2838
https://notcve.org/view.php?id=CVE-2006-2838
06 Jun 2006 — Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host. • http://secunia.com/advisories/20407 •
CVSS: 8.8EPSS: 5%CPEs: 22EXPL: 0CVE-2006-0705
https://notcve.org/view.php?id=CVE-2006-0705
15 Feb 2006 — Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified... • http://marc.info/?l=bugtraq&m=120654385125315&w=2 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 6%CPEs: 63EXPL: 0CVE-2006-0337
https://notcve.org/view.php?id=CVE-2006-0337
21 Jan 2006 — Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. • http://secunia.com/advisories/18529 •