CVSS: 4.3EPSS: 1%CPEs: 35EXPL: 0CVE-2008-3243
https://notcve.org/view.php?id=CVE-2008-3243
Multiple unspecified vulnerabilities in the scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allow remote attackers to cause a denial of service via (1) a crafted UPX-compressed file, which triggers an engine crash; (2) a crafted Microsoft Office file, which triggers an infinite loop; or (3) an ASPack-compressed file, which triggers an engine crash. Múltiples vulnerabilidades sin especificar en el motor de análisis anterior a 4.4.4 en el F-Prrot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio a través de (1) un fichero UPX-comppressed manipulado que provoca una caída del motor; (2) mediante un fichero Microsoft Office manipulado que lanza un bucle infinito o (3) mediante un fichero ASPack-compressed que provoca una caída del motor. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.securityfocus.com/bid/30258 https://exchange.xforce.ibmcloud.com/vulnerabilities/43868 https://exchange.xforce.ibmcloud.com/vulnerabilities/43869 https://exchange.xforce.ibmcloud.com/vulnerabilities/43870 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 1%CPEs: 35EXPL: 0CVE-2008-3244
https://notcve.org/view.php?id=CVE-2008-3244
The scanning engine before 4.4.4 in F-Prot Antivirus before 6.0.9.0 allows remote attackers to cause a denial of service (engine crash) via a CHM file with a large nb_dir value that triggers an out-of-bounds read. Motor de análisis anterior a 4.4.4 en F-Prot Antivirus anterior a 6.0.9.0, permite a atacantes remotos provocar una denegación de servicio (caída de motor) a través de un fichero CHM con un valor nb_dir largo, lo que provoca una lectura fuera de rango. • http://secunia.com/advisories/31118 http://www.f-prot.com/download/ReleaseNotesWindows.txt http://www.nruns.com/security_advisory_fprot_out-of-bound_memory_access_DoS.php http://www.securityfocus.com/bid/30253 http://www.securitytracker.com/id?1020507 http://www.vupen.com/english/advisories/2008/2124/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43835 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2006-6407
https://notcve.org/view.php?id=CVE-2006-6407
F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file. F-Prot Antivirus para Linux x86 Mail Servers 4.6.6 permite a atacantes remotos evitar una detección de virus, insertando caracteres inválidos en un contenido codificado base 64 en un fichero MIME multipart/mixed, como se demuestra con el fichero de testeo EICAR. • http://www.quantenblog.net/security/virus-scanner-bypass http://www.securityfocus.com/archive/1/453654/100/0/threaded http://www.securityfocus.com/bid/21461 •
CVSS: 5.0EPSS: 26%CPEs: 2EXPL: 3CVE-2006-6352 – F-Prot AntiVirus 4.6.6 - 'ACE' Denial of Service
https://notcve.org/view.php?id=CVE-2006-6352
FRISK Software F-Prot Antivirus before 4.6.7 allows user-assisted remote attackers to cause a denial of service (infinite loop) via a crafted ACE file. NOTE: this issue has at least a partial overlap with CVE-2006-6294. FRISK Software F-Prot Antivirus anterior a 4.6.7 permite a atacantes remotos con la intervención del usuario provocar una denegación de servicio (bucle infinito) mediante un fichero ACE artesanal. NOTA: este asunto está parcialmente solapado con CVE-2006-6294. • https://www.exploit-db.com/exploits/2892 http://gleg.net/fprot.txt http://lists.grok.org.uk/pipermail/full-disclosure/2006-December/051096.html http://secunia.com/advisories/23328 http://security.gentoo.org/glsa/glsa-200612-12.xml http://securityreason.com/securityalert/1998 http://securitytracker.com/id?1017331 http://www.f-prot.com/news/gen_news/061201_release_unix467.html http://www.securityfocus.com/archive/1/453475/100/0/threaded http://www.securityfocus.com/bid/214 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6294
https://notcve.org/view.php?id=CVE-2006-6294
Multiple unspecified vulnerabilities in FRISK Software F-Prot Antivirus before 4.6.7 have unspecified impact and attack vectors. NOTE: this might be related to CVE-2006-6293, but it is not clear due to the vagueness of the report. Múltiples vulnerabilidades no especificadas en FRISK Software F-Prot Antivirus anterior a 4.6.7 tienen impacto y vectores de ataque desconocidos. NOTA: esto puede estar relacionado con CVE-2006-6293, pero no esta claro debido a la vaguedad del informe. • http://secunia.com/advisories/23328 http://security.gentoo.org/glsa/glsa-200612-12.xml http://www.f-prot.com/news/gen_news/061201_release_unix467.html •