CVE-2021-40832 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-40832
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Se ha detectado una vulnerabilidad de Denegación de Servicio (DoS) en F-Secure Atlant, por la que el componente del módulo de desempaquetado AVRDL usado en determinados productos de F-Secure puede bloquearse mientras se escanean archivos con problemas. La explotación puede ser desencadenada remotamente por un atacante. • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-40832 •
CVE-2021-33603 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-33603
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine. Se ha detectado una vulnerabilidad de Denegación de Servicio (DoS) en F-Secure Atlant por la que el componente del módulo AVPACK usado en determinados productos de F-Secure puede bloquearse mientras se escanean archivos con problemas. La explotación puede ser desencadenada remotamente por un atacante. • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33603 •
CVE-2021-33602 – Denial-of-Service (DoS) Vulnerability
https://notcve.org/view.php?id=CVE-2021-33602
A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine. Se ha detectado una vulnerabilidad que afecta al motor de F-Secure Antivirus cuando el motor intenta descomprimir un archivo zip (método de descompresión LZW), y esto puede bloquear el motor de análisis. La vulnerabilidad puede ser explotada remotamente por un atacante. • https://www.f-secure.com/en/business/support-and-downloads/security-advisories •
CVE-2021-33601 – Arbitrary Code Execution in Web Interface of F-Secure Internet Gatekeeper
https://notcve.org/view.php?id=CVE-2021-33601
A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server. Se ha detectado una vulnerabilidad en la interfaz de usuario web de F-Secure Internet Gatekeeper. Un usuario autenticado puede modificar la configuración mediante la interfaz de usuario web de forma que podría conllevar una ejecución de código arbitrario en el servidor de F-Secure Internet Gatekeeper • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33601 •
CVE-2021-33600 – Denial of Service Vulnerability in Web Interface of F-Secure Internet Gatekeeper
https://notcve.org/view.php?id=CVE-2021-33600
A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product. Se ha detectado una vulnerabilidad de denegación de servicio (DoS) en la interfaz de usuario web de F-Secure Internet Gatekeeper. • https://www.f-secure.com/en/business/programs/vulnerability-reward-program/hall-of-fame https://www.f-secure.com/en/business/support-and-downloads/security-advisories/cve-2021-33600 • CWE-617: Reachable Assertion •