CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2009-1783
https://notcve.org/view.php?id=CVE-2009-1783
Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive. Múltiples productos antivirus FRISK Software F-Prot, incluidos: Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows y otros, permiten a atacantes remotos saltar la detección de software malicioso mediante un fichero .CAB manipulado. • http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html http://www.securityfocus.com/archive/1/503393/100/0/threaded http://www.securityfocus.com/bid/34896 https://exchange.xforce.ibmcloud.com/vulnerabilities/50427 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2008-5747
https://notcve.org/view.php?id=CVE-2008-5747
F-Prot 4.6.8 for GNU/Linux allows remote attackers to bypass anti-virus protection via a crafted ELF program with a "corrupted" header that still allows the program to be executed. NOTE: due to an error in the initial disclosure, F-secure was incorrectly stated as the vendor. F-Prot 4.6.8 para GNU/Linux, permite a atacantes remotos evitar la protección antivirus a través del programa ELF manipulado mediante una cabecera "corrupta" que permite que el programa sea ejecutado. NOTA: debido a un error en la revelación inicial, F-secure fue indicado incorrectamente por el fabricante. • http://secunia.com/advisories/34700 http://security.gentoo.org/glsa/glsa-200904-14.xml http://securityreason.com/securityalert/4822 http://www.ivizsecurity.com/security-advisory-iviz-sr-08016.html http://www.securityfocus.com/archive/1/499083 http://www.securityfocus.com/archive/1/499305/100/0/threaded http://www.securityfocus.com/archive/1/499501/100/0/threaded http://www.securityfocus.com/bid/32753 • CWE-399: Resource Management Errors •
CVSS: 5.0EPSS: 14%CPEs: 2EXPL: 1CVE-2008-3447 – F-PROT AntiVirus 6.2.1.4252 - Malformed Archive Infinite Loop Denial of Service
https://notcve.org/view.php?id=CVE-2008-3447
The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid offsets. El motor de exploración de F-Prot Antivirus 6.2.1 4252 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de archivos ZIP malformados, posiblemente relacionado con offsets inválidos. • https://www.exploit-db.com/exploits/6174 http://seclists.org/fulldisclosure/2008/Jul/0569.html http://secunia.com/advisories/31313 http://www.securityfocus.com/bid/30461 http://www.securitytracker.com/id?1020612 http://www.vupen.com/english/advisories/2008/2283 https://exchange.xforce.ibmcloud.com/vulnerabilities/44134 • CWE-399: Resource Management Errors •
CVSS: 4.3EPSS: 1%CPEs: 35EXPL: 0CVE-2008-3243
https://notcve.org/view.php?id=CVE-2008-3243
Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash. Múltiples vulnerabilidades sin especificar en el motor de análisis anterior a 4.4.4 en el F-Prrot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio a través de (1) un fichero UPX-comppressed manipulado que provoca una caída del motor; (2) mediante un fichero Microsoft Office manipulado que lanza un bucle infinito o (3) mediante un fichero ASPack-compressed que provoca una caída del motor. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.securityfocus.com/bid/30258 https://exchange.xforce.ibmcloud.com/vulnerabilities/43868 https://exchange.xforce.ibmcloud.com/vulnerabilities/43869 https://exchange.xforce.ibmcloud.com/vulnerabilities/43870 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 1%CPEs: 35EXPL: 0CVE-2008-3244
https://notcve.org/view.php?id=CVE-2008-3244
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read. Motor de análisis anterior a 4.4.4 en F-Prot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio (caída de motor) a través de un fichero CHM con un valor nb_dir largo, lo que provoca una lectura fuera de rango. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php http://www.securityfocus.com/bid/30253 http://www.securitytracker.com/id?1020507 http://www.vupen.com/english/advisories/2008/2124/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43835 • CWE-20: Improper Input Validation •