CVE-2023-42526
https://notcve.org/view.php?id=CVE-2023-42526
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Algunos productos WithSecure permiten un bloqueo remoto de un motor de escaneo a través de la descompresión de archivos de datos manipulados. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email y Server Security 15, WithSecure Elements Endpoint Protection 17 y versiones posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y versiones posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1. • https://www.withsecure.com/en/support/security-advisories • CWE-400: Uncontrolled Resource Consumption •
CVE-2023-42522
https://notcve.org/view.php?id=CVE-2023-42522
Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1. Ciertos productos WithSecure permiten un bloqueo remoto de un motor de escaneo a través del procesamiento de una estructura de importación en un archivo PE. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email y Server Security 15, WithSecure Elements Endpoint Protection 17 y versiones posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y versiones posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1. • https://www.withsecure.com/en/support/security-advisories • CWE-400: Uncontrolled Resource Consumption •
CVE-2020-9342
https://notcve.org/view.php?id=CVE-2020-9342
The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper. El motor de análisis de F-Secure AV antes del 05-02-2020, permite omitir la detección de virus mediante datos de Compression Method diseñados en un archivo GZIP. Esto afecta a las versiones anteriores a 17.0.605.474 (en Linux) de Cloud Protection For Salesforce, Email y Server Security, y Internet GateKeeper. • http://packetstormsecurity.com/files/156506/F-SECURE-Generic-Malformed-Container-Bypass.html http://seclists.org/fulldisclosure/2020/Feb/33 https://blog.zoller.lu/p/tzo-16-2020-f-secure-generic-malformed.html https://seclists.org/bugtraq/2020/Feb/33 • CWE-436: Interpretation Conflict •