CVSS: 7.8EPSS: 5%CPEs: 19EXPL: 0CVE-2007-2966
https://notcve.org/view.php?id=CVE-2007-2966
31 May 2007 — Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. Un desbordamiento de búfer en el componente de descompresión LHA en productos antivirus de F-Secure para Microsoft Windows y Linux anterior a versión 20070529, permite a los atacantes remotos e... • http://osvdb.org/36724 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 9%CPEs: 19EXPL: 0CVE-2007-2967
https://notcve.org/view.php?id=CVE-2007-2967
31 May 2007 — Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files. Varios productos antivirus de F-Secure para Microsoft Windows y Linux anterior a versión 20070522, permiten a los atacantes remotos causar una denegación de servicio (bucle infinito de escaneo de archivos) por medio de ciertos archivos ARJ (1) o (2) archivos empaquetados FSG. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063714.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 7%CPEs: 5EXPL: 0CVE-2006-2838
https://notcve.org/view.php?id=CVE-2006-2838
06 Jun 2006 — Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host. • http://secunia.com/advisories/20407 •
CVSS: 7.8EPSS: 6%CPEs: 63EXPL: 0CVE-2006-0337
https://notcve.org/view.php?id=CVE-2006-0337
21 Jan 2006 — Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives. • http://secunia.com/advisories/18529 •
CVSS: 7.5EPSS: 2%CPEs: 54EXPL: 0CVE-2006-0338
https://notcve.org/view.php?id=CVE-2006-0338
21 Jan 2006 — Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned. • http://secunia.com/advisories/18529 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-3468
https://notcve.org/view.php?id=CVE-2005-3468
02 Nov 2005 — Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files. • http://secunia.com/advisories/17361 •
CVSS: 8.8EPSS: 3%CPEs: 20EXPL: 0CVE-2005-0350
https://notcve.org/view.php?id=CVE-2005-0350
11 Feb 2005 — Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive. • http://www.f-secure.com/security/fsc-2005-1.shtml •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2405
https://notcve.org/view.php?id=CVE-2004-2405
31 Dec 2004 — Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive. • http://secunia.com/advisories/11712 •
CVSS: 7.7EPSS: 18%CPEs: 44EXPL: 1CVE-2004-2442 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-2442
31 Dec 2004 — Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system. • https://www.exploit-db.com/exploits/629 •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2003-1014
https://notcve.org/view.php?id=CVE-2003-1014
24 Sep 2004 — Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients. Múltiples pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan múltiples campos MIME con el mismo nombre, lo que puede ser interpretado de manera distinta por clientes de correo. • http://marc.info/?l=bugtraq&m=109517732328759&w=2 •