MidnightBSD

Advisories for f-secure

CVE-2003-1015 HIGH

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_l_daniels ripmime 1.2.0
f-secure internet_gatekeeper 6.31
clearswift mailsweeper 4.3.14
paul_l_daniels ripmime 1.2.4
clearswift mailsweeper 4.3.11
paul_l_daniels ripmime 1.2.3
paul_l_daniels ripmime 1.2.6
paul_l_daniels ripmime 1.2.1
clearswift mailsweeper 4.3.8
f-secure internet_gatekeeper 6.3
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.10
f-secure internet_gatekeeper 6.4
clearswift mailsweeper 4.3.15
paul_l_daniels ripmime 1.2.5
paul_l_daniels ripmime 1.3.2.2
paul_l_daniels ripmime 1.2.7
paul_l_daniels ripmime 1.3.2.3
paul_l_daniels ripmime 1.2.2
paul_l_daniels ripmime 1.3.2.0
f-secure internet_gatekeeper 6.32
clearswift mailsweeper 4.3.13
CVE-2003-1016 HIGH

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_l_daniels ripmime 1.2.0
f-secure internet_gatekeeper 6.31
clearswift mailsweeper 4.3.14
paul_l_daniels ripmime 1.2.4
clearswift mailsweeper 4.3.11
paul_l_daniels ripmime 1.2.3
paul_l_daniels ripmime 1.2.6
paul_l_daniels ripmime 1.2.1
clearswift mailsweeper 4.3.8
f-secure internet_gatekeeper 6.3
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.10
f-secure internet_gatekeeper 6.4
clearswift mailsweeper 4.3.15
paul_l_daniels ripmime 1.2.5
paul_l_daniels ripmime 1.3.2.2
paul_l_daniels ripmime 1.2.7
paul_l_daniels ripmime 1.3.2.3
paul_l_daniels ripmime 1.2.2
paul_l_daniels ripmime 1.3.2.0
f-secure internet_gatekeeper 6.32
clearswift mailsweeper 4.3.13
CVE-2004-0051 HIGH

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_l_daniels ripmime 1.2.0
f-secure internet_gatekeeper 6.31
clearswift mailsweeper 4.3.14
paul_l_daniels ripmime 1.2.4
clearswift mailsweeper 4.3.11
paul_l_daniels ripmime 1.2.3
paul_l_daniels ripmime 1.2.6
paul_l_daniels ripmime 1.2.1
clearswift mailsweeper 4.3.8
f-secure internet_gatekeeper 6.3
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.10
f-secure internet_gatekeeper 6.4
clearswift mailsweeper 4.3.15
paul_l_daniels ripmime 1.2.5
paul_l_daniels ripmime 1.3.2.2
paul_l_daniels ripmime 1.2.7
paul_l_daniels ripmime 1.3.2.3
paul_l_daniels ripmime 1.2.2
paul_l_daniels ripmime 1.3.2.0
f-secure internet_gatekeeper 6.32
clearswift mailsweeper 4.3.13
CVE-2004-0052 HIGH

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_l_daniels ripmime 1.2.0
f-secure internet_gatekeeper 6.31
clearswift mailsweeper 4.3.14
paul_l_daniels ripmime 1.2.4
clearswift mailsweeper 4.3.11
paul_l_daniels ripmime 1.2.3
paul_l_daniels ripmime 1.2.6
paul_l_daniels ripmime 1.2.1
clearswift mailsweeper 4.3.8
f-secure internet_gatekeeper 6.3
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.10
f-secure internet_gatekeeper 6.4
clearswift mailsweeper 4.3.15
paul_l_daniels ripmime 1.2.5
paul_l_daniels ripmime 1.3.2.2
paul_l_daniels ripmime 1.2.7
paul_l_daniels ripmime 1.3.2.3
paul_l_daniels ripmime 1.2.2
paul_l_daniels ripmime 1.3.2.0
f-secure internet_gatekeeper 6.32
clearswift mailsweeper 4.3.13
CVE-2004-0053 HIGH

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_l_daniels ripmime 1.2.0
f-secure internet_gatekeeper 6.31
clearswift mailsweeper 4.3.14
paul_l_daniels ripmime 1.2.4
clearswift mailsweeper 4.3.11
paul_l_daniels ripmime 1.2.3
paul_l_daniels ripmime 1.2.6
paul_l_daniels ripmime 1.2.1
clearswift mailsweeper 4.3.8
f-secure internet_gatekeeper 6.3
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.10
f-secure internet_gatekeeper 6.4
clearswift mailsweeper 4.3.15
paul_l_daniels ripmime 1.2.5
paul_l_daniels ripmime 1.3.2.2
paul_l_daniels ripmime 1.2.7
paul_l_daniels ripmime 1.3.2.3
paul_l_daniels ripmime 1.2.2
paul_l_daniels ripmime 1.3.2.0
f-secure internet_gatekeeper 6.32
clearswift mailsweeper 4.3.13
CVE-2004-0161 HIGH

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_l_daniels ripmime 1.2.0
f-secure internet_gatekeeper 6.31
clearswift mailsweeper 4.3.14
paul_l_daniels ripmime 1.2.4
clearswift mailsweeper 4.3.11
paul_l_daniels ripmime 1.2.3
paul_l_daniels ripmime 1.2.6
paul_l_daniels ripmime 1.2.1
clearswift mailsweeper 4.3.8
f-secure internet_gatekeeper 6.3
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.10
f-secure internet_gatekeeper 6.4
clearswift mailsweeper 4.3.15
paul_l_daniels ripmime 1.2.5
paul_l_daniels ripmime 1.3.2.2
paul_l_daniels ripmime 1.2.7
paul_l_daniels ripmime 1.3.2.3
paul_l_daniels ripmime 1.2.2
paul_l_daniels ripmime 1.3.2.0
f-secure internet_gatekeeper 6.32
clearswift mailsweeper 4.3.13
CVE-2004-0162 HIGH

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
paul_l_daniels ripmime 1.2.0
f-secure internet_gatekeeper 6.31
clearswift mailsweeper 4.3.14
paul_l_daniels ripmime 1.2.4
clearswift mailsweeper 4.3.11
paul_l_daniels ripmime 1.2.3
paul_l_daniels ripmime 1.2.6
paul_l_daniels ripmime 1.2.1
clearswift mailsweeper 4.3.8
f-secure internet_gatekeeper 6.3
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.10
f-secure internet_gatekeeper 6.4
clearswift mailsweeper 4.3.15
paul_l_daniels ripmime 1.2.5
paul_l_daniels ripmime 1.3.2.2
paul_l_daniels ripmime 1.2.7
paul_l_daniels ripmime 1.3.2.3
paul_l_daniels ripmime 1.2.2
paul_l_daniels ripmime 1.3.2.0
f-secure internet_gatekeeper 6.32
clearswift mailsweeper 4.3.13
CVE-2004-0234 HIGH

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
clearswift mailsweeper 4.3.6_sp1
sgi propack 3.0
clearswift mailsweeper 4.0
redhat lha 1.14i-9
clearswift mailsweeper 4.3.11
rarlab winrar 3.20
clearswift mailsweeper 4.3.8
f-secure f-secure_for_firewalls 6.20
sgi propack 2.4
f-secure f-secure_personal_express 4.5
clearswift mailsweeper 4.3.7
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus 5.42
f-secure f-secure_internet_security 2004
tsugio_okamoto lha 1.15
f-secure f-secure_personal_express 4.7
clearswift mailsweeper 4.3.4
clearswift mailsweeper 4.3.5
f-secure f-secure_personal_express 4.6
tsugio_okamoto lha 1.14
clearswift mailsweeper 4.3.6
f-secure internet_gatekeeper 6.32
redhat fedora_core core_1.0
clearswift mailsweeper 4.2
tsugio_okamoto lha 1.17
f-secure internet_gatekeeper 6.31
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.52
f-secure f-secure_internet_security 2003
stalker cgpmcafee 3.2
clearswift mailsweeper 4.3.10
f-secure f-secure_anti-virus 6.21
clearswift mailsweeper 4.3
winzip winzip 9.0
f-secure f-secure_anti-virus 5.5
clearswift mailsweeper 4.1
f-secure f-secure_anti-virus 4.60
clearswift mailsweeper 4.3.3
clearswift mailsweeper 4.3.13
CVE-2004-0235 MEDIUM

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
clearswift mailsweeper 4.3.6_sp1
sgi propack 3.0
clearswift mailsweeper 4.0
redhat lha 1.14i-9
clearswift mailsweeper 4.3.11
rarlab winrar 3.20
clearswift mailsweeper 4.3.8
f-secure f-secure_for_firewalls 6.20
sgi propack 2.4
f-secure f-secure_personal_express 4.5
clearswift mailsweeper 4.3.7
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus 5.42
f-secure f-secure_internet_security 2004
tsugio_okamoto lha 1.15
f-secure f-secure_personal_express 4.7
clearswift mailsweeper 4.3.4
clearswift mailsweeper 4.3.5
f-secure f-secure_personal_express 4.6
tsugio_okamoto lha 1.14
clearswift mailsweeper 4.3.6
f-secure internet_gatekeeper 6.32
redhat fedora_core core_1.0
clearswift mailsweeper 4.2
tsugio_okamoto lha 1.17
f-secure internet_gatekeeper 6.31
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.52
f-secure f-secure_internet_security 2003
stalker cgpmcafee 3.2
clearswift mailsweeper 4.3.10
f-secure f-secure_anti-virus 6.21
clearswift mailsweeper 4.3
winzip winzip 9.0
f-secure f-secure_anti-virus 5.5
clearswift mailsweeper 4.1
f-secure f-secure_anti-virus 4.60
clearswift mailsweeper 4.3.3
clearswift mailsweeper 4.3.13
CVE-2004-0830 MEDIUM

The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure internet_gatekeeper 6.31
f-secure f-secure_anti-virus 6.01
f-secure f-secure_anti-virus 6.21
f-secure internet_gatekeeper 6.3
f-secure f-secure_anti-virus 6.2
f-secure f-secure_content_scanner_server 6.31
f-secure internet_gatekeeper 6.32
CVE-2004-1223 MEDIUM

The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure policy_manager 5.11
CVE-2004-1762 HIGH

Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 4.50_hotfix_2
f-secure f-secure_anti-virus 4.51_hotfix_2
f-secure f-secure_anti-virus 4.50_hotfix_1
CVE-2004-2220 MEDIUM

F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 6.30
f-secure f-secure_anti-virus 6.30_sr1
f-secure f-secure_anti-virus 6.31
CVE-2004-2405 MEDIUM

Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_internet_security *
f-secure f-secure_for_firewalls *
f-secure f-secure_anti-virus 4.60
f-secure internet_gatekeeper *
f-secure f-secure_anti-virus *
CVE-2004-2442 MEDIUM

Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
f-secure f-secure_anti-virus 4.61
f-secure f-secure_for_firewalls 6.20
f-secure f-secure_anti-virus 6.30_sr1
f-secure f-secure_personal_express 4.5
f-secure f-secure_anti-virus 5.55
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 6.01
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2004
f-secure f-secure_personal_express 4.7
f-secure f-secure_anti-virus 2005
f-secure f-secure_personal_express 4.6
f-secure internet_gatekeeper 2.6
f-secure internet_gatekeeper 6.32
f-secure f-secure_anti-virus 5.0
f-secure f-secure_anti-virus 5.43
f-secure internet_gatekeeper 6.31
f-secure f-secure_anti-virus 6.30
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 4.51
f-secure internet_gatekeeper 6.41
f-secure f-secure_personal_express 5.0
f-secure internet_gatekeeper 6.3
f-secure f-secure_anti-virus 4.52
f-secure internet_gatekeeper 6.4
f-secure f-secure_anti-virus 6.21
f-secure f-secure_anti-virus 6.31
f-secure f-secure_anti-virus 5.5
f-secure f-secure_anti-virus 4.60
f-secure f-secure_anti-virus 6.2
CVE-2005-0350 HIGH

Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2004
f-secure f-secure_anti-virus 2005
f-secure internet_gatekeeper 2.06
f-secure f-secure_anti-virus 5.5
f-secure f-secure_personal_express *
f-secure f-secure_anti-virus 4.60
f-secure internet_gatekeeper *
f-secure f-secure_anti-virus *
CVE-2005-2771 HIGH

WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be denied.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_ssh_server 5.3
f-secure f-secure_ssh_server 5.1
f-secure f-secure_ssh_server 5.2
wrq wrq_reflection_for_secure_it_windows_server 6.0
CVE-2005-3468 MEDIUM

Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure internet_gatekeeper 6.4
f-secure internet_gatekeeper 6.41
f-secure internet_gatekeeper 6.42
f-secure f-secure_anti-virus 6.40
CVE-2005-3546 HIGH

suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure internet_gatekeeper *
f-secure f-secure_anti-virus *
CVE-2005-3664 HIGH

Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus 5.0.5
kaspersky_lab kaspersky_anti-virus_personal 5.0.227
f-secure f-secure_anti-virus 4.50
CVE-2006-0337 HIGH

Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 5.54
f-secure f-secure_anti-virus 2004
f-secure f-secure_anti-virus 2.16
f-secure f-secure_anti-virus 4.61
f-secure f-secure_anti-virus 5.11
f-secure f-secure_anti-virus 5.51
f-secure f-secure_anti-virus 6.30_sr1
f-secure internet_gatekeeper 2.06
f-secure f-secure_anti-virus 5.55
f-secure solutions_based_on_f-secure_personal_express 6.20
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 5.61
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 6.01
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2004
f-secure f-secure_anti-virus 2005
f-secure f-secure_anti-virus 4.64
f-secure internet_gatekeeper 2.6
f-secure f-secure_anti-virus 5.44
f-secure f-secure_anti-virus 2006
f-secure internet_gatekeeper 6.32
f-secure f-secure_anti-virus 5.0
f-secure f-secure_anti-virus 5.43
f-secure internet_gatekeeper 6.31
f-secure f-secure_anti-virus 6.30
f-secure f-secure_internet_security 2006
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 4.51
f-secure internet_gatekeeper 2.14
f-secure internet_gatekeeper 6.41
f-secure internet_gatekeeper 6.3
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.62
f-secure internet_gatekeeper 6.4
f-secure f-secure_anti-virus 5.40
f-secure f-secure_anti-virus 6.21
f-secure internet_gatekeeper 6.42
f-secure f-secure_anti-virus 6.31
f-secure f-secure_anti-virus 5.5
f-secure f-secure_anti-virus 6.40
f-secure f-secure_anti-virus 5.01
f-secure f-secure_anti-virus 6.2
CVE-2006-0338 MEDIUM

Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
f-secure f-secure_anti-virus 4.61
f-secure f-secure_anti-virus 5.11
f-secure f-secure_anti-virus 6.30_sr1
f-secure internet_gatekeeper 2.06
f-secure f-secure_personal_express 4.5
f-secure f-secure_anti-virus 5.55
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 6.01
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2004
f-secure f-secure_personal_express 4.7
f-secure f-secure_anti-virus 2005
f-secure f-secure_personal_express 4.6
f-secure f-secure_anti-virus 4.64
f-secure f-secure_anti-virus 5.44
f-secure internet_gatekeeper 6.32
f-secure f-secure_anti-virus 5.0
f-secure f-secure_anti-virus 5.43
f-secure f-secure_anti-virus 6.30
f-secure f-secure_internet_security 2006
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 4.51
f-secure internet_gatekeeper 2.14
f-secure internet_gatekeeper 6.41
f-secure f-secure_personal_express 5.0
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.62
f-secure f-secure_anti-virus 6.21
f-secure internet_gatekeeper 6.42
f-secure f-secure_anti-virus 6.31
f-secure f-secure_anti-virus 5.5
f-secure f-secure_anti-virus 6.40
f-secure f-secure_anti-virus 4.60
f-secure f-secure_anti-virus 6.2
CVE-2006-0705 MEDIUM

Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified vectors, involving crafted filenames and the stat command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-134,

Products Affected

Vendor Product Version
f-secure f-secure_ssh_server 3.2.3
f-secure f-secure_ssh_server 3.0.0
f-secure f-secure_ssh_server 3.1.0
f-secure f-secure_ssh_server 5.0
f-secure f-secure_ssh_server 3.0.2
f-secure f-secure_ssh_server 5.1
f-secure f-secure_ssh_server 3.0.7
f-secure f-secure_ssh_server 3.0.3
f-secure f-secure_ssh_server 5.3
f-secure f-secure_ssh_server 3.0.6
attachmatewrq reflection_for_secure_it_server 6.0
f-secure f-secure_ssh_server 3.0.9
f-secure f-secure_ssh_server 3.1.0_build9
f-secure f-secure_ssh_server 3.0.8
f-secure f-secure_ssh_server 3.0.1
f-secure f-secure_ssh_server 3.0.5
f-secure f-secure_ssh_server 3.2.0
f-secure f-secure_ssh_server 5.2
f-secure f-secure_ssh_server 3.0.4
CVE-2006-2838 HIGH

Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure internet_gatekeeper 6.4
f-secure internet_gatekeeper 6.41
f-secure internet_gatekeeper 6.42
f-secure f-secure_anti-virus 6.40
f-secure internet_gatekeeper 6.50
CVE-2006-3489 MEDIUM

F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
f-secure f-secure_internet_security 2006
f-secure f-secure_anti-virus 5.51
f-secure f-secure_service_platform_for_service_providers *
f-secure f-secure_internet_security 2003
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus *
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2004
f-secure f-secure_anti-virus 2005
f-secure f-secure_anti-virus 2006
f-secure f-secure_anti-virus 5.5
CVE-2006-3490 MEDIUM

F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
f-secure f-secure_internet_security 2006
f-secure f-secure_anti-virus 5.51
f-secure f-secure_service_platform_for_service_providers *
f-secure f-secure_internet_security 2003
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus *
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2004
f-secure f-secure_anti-virus 2005
f-secure f-secure_anti-virus 2006
f-secure f-secure_anti-virus 5.5
CVE-2010-1425 MEDIUM

F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure f-secure_anti-virus 2004
f-secure f-secure_anti-virus 2.16
f-secure f-secure_anti-virus 5.11
f-secure f-secure_internet_security 2007
f-secure f-secure_anti-virus_for_mimesweeper 5.61
f-secure f-secure_anti-virus_linux_server_security 5.54
f-secure f-secure_anti-virus_for_workstations 5.44
f-secure f-secure_anti-virus 6.03
f-secure f-secure_anti-virus 5.55
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus 5.61
f-secure f-secure_anti-virus_for_microsoft_exchange 7.10
f-secure f-secure_anti-virus_linux_server_security 5.30
f-secure f-secure_anti-virus 2007
f-secure f-secure_anti-virus_linux_client_security *
f-secure f-secure_anti-virus 2005
f-secure f-secure_anti-virus 4.64
f-secure f-secure_anti-virus 5.44
f-secure f-secure_anti-virus 5.3.0
f-secure f-secure_anti-virus_client_security 6.03
f-secure f-secure_internet_security 2008
f-secure f-secure_anti-virus 5.43
f-secure internet_gatekeeper *
f-secure f-secure_anti-virus_for_linux *
f-secure anti-virus *
f-secure f-secure_anti-virus 5.41
f-secure f-secure_internet_security 7.02
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.62
f-secure f-secure_anti-virus 6.21
f-secure anti-virus 6.62
f-secure f-secure_anti-virus_client_security *
f-secure f-secure_anti-virus 6.31
f-secure f-secure_anti-virus 5.01
f-secure f-secure_anti-virus 6.2
f-secure f-secure_anti-virus 4.50_hotfix_1
f-secure f-secure_anti-virus 5.54
f-secure f-secure_anti-virus 4.50
f-secure f-secure_anti-virus 4.61
f-secure f-secure_anti-virus 2009
f-secure f-secure_anti-virus_client_security 7.01
f-secure f-secure_anti-virus 5.51
f-secure f-secure_anti-virus_for_windows_servers 8.00
f-secure f-secure_anti-virus 6.30_sr1
f-secure f-secure_anti-virus_for_workstations 7.10
f-secure home_server_security 2009
f-secure f-secure_anti-virus 5.52
f-secure f-secure_internet_security *
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 6.01
f-secure f-secure_anti-virus_for_microsoft_exchange 7.00
f-secure f-secure_internet_security 2005
f-secure f-secure_internet_security 2004
f-secure f-secure_anti-virus 4.51_hotfix_2
f-secure f-secure_anti-virus 7.02
f-secure f-secure_anti-virus 5.0.2
f-secure f-secure_anti-virus 2006
f-secure f-secure_anti-virus_linux_client_security 5.54
f-secure f-secure_anti-virus 6.61
f-secure f-secure_anti-virus 5.0
f-secure f-secure_anti-virus_linux_client_security 5.30
f-secure f-secure_internet_security 2009
f-secure anti-virus 7.10
f-secure f-secure_anti-virus 6.30
f-secure f-secure_anti-virus 5.56
f-secure f-secure_anti-virus_for_workstations 7.00
f-secure f-secure_internet_security 2006
f-secure f-secure_anti-virus 4.50_hotfix_2
f-secure anti-virus 7.0
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 6.60
f-secure f-secure_anti-virus_linux_server_security 5.52
f-secure f-secure_anti-virus_for_linux 4.65
f-secure f-secure_anti-virus_linux_client_security 5.52
f-secure f-secure_anti-virus_for_citrix_servers 7.00
f-secure f-secure_anti-virus_linux_server_security *
f-secure f-secure_internet_security 2003
f-secure f-secure_anti-virus *
f-secure f-secure_anti-virus_linux_client_security 5.53
f-secure f-secure_anti-virus 7.00
f-secure f-secure_anti-virus_client_security 6.04
f-secure f-secure_anti-virus_for_workstations 7.11
f-secure f-secure_anti-virus 5.2.1
f-secure f-secure_anti-virus 5.40
f-secure f-secure_anti-virus_for_workstations *
f-secure f-secure_anti-virus_client_security 7.10
f-secure f-secure_anti-virus 5.5
f-secure f-secure_anti-virus 6.40
f-secure f-secure_anti-virus 6.02
f-secure f-secure_anti-virus 4.60
f-secure f-secure_anti-virus 4.65
f-secure f-secure_anti-virus 2008
f-secure f-secure_anti-virus_for_microsoft_exchange 6.62
CVE-2010-5161 MEDIUM

Race condition in F-Secure Internet Security 2010 10.00 build 246 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
f-secure f-secure_internet_security_2010 10.00
CVE-2011-0453 MEDIUM

F-Secure Internet Gatekeeper for Linux 3.x before 3.03 does not require authentication for reading access logs, which allows remote attackers to obtain potentially sensitive information via a TCP session on the admin UI port.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
f-secure internet_gatekeeper 3.02.1221
CVE-2011-1102 MEDIUM

Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
f-secure policy_manager 8.10
f-secure policy_manager 9.00
f-secure policy_manager 8.00
f-secure policy_manager 7.00
f-secure policy_manager 8.11
CVE-2011-1103 MEDIUM

The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows remote attackers to obtain sensitive information via a request to an invalid report, which reveals the installation path in an error message, as demonstrated with requests to (1) report/infection-table.html or (2) report/productsummary-table.html.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
f-secure policy_manager 9.00
f-secure policy_manager 8.00
f-secure policy_manager 7.00
f-secure policy_manager 8.1x
CVE-2012-1429 MEDIUM

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
softwin bitdefender 7.2
comodo comodo_antivirus 7424
emsisoft anti-malware 5.1.0.1
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
mcafee gateway 2010.1c
aladdin esafe 7.0.17.0
nprotect nprotect_antivirus 2011-01-17.01
mcafee scan_engine 5.400.0.1158
f-secure f-secure_anti-virus 9.0.16160.0
CVE-2012-1430 MEDIUM

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
f-secure anti-virus 9.0.16160.0
sophos sophos_anti-virus 4.61.0
comodo comodo_antivirus 7424
bitdefender bitdefender 7.2
mcafee gateway 2010.1c
aladdin esafe 7.0.17.0
nprotect nprotect_antivirus 2011-01-17.01
rising-global rising_antivirus 22.83.00.03
mcafee scan_engine 5.400.0.1158
CVE-2012-1431 MEDIUM

The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sophos sophos_anti-virus 4.61.0
comodo comodo_antivirus 7424
authentium command_antivirus 5.2.11.5
bitdefender bitdefender 7.2
mcafee gateway 2010.1c
f-prot f-prot_antivirus 4.6.2.117
aladdin esafe 7.0.17.0
nprotect nprotect_antivirus 2011-01-17.01
rising-global rising_antivirus 22.83.00.03
f-secure f-secure_anti-virus 9.0.16160.0
CVE-2012-1442 MEDIUM

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
antiy avl_sdk 2.0.3.7
sophos sophos_anti-virus 4.61.0
pandasecurity panda_antivirus 10.0.2.7
cat quick_heal 11.00
mcafee gateway 2010.1c
fortinet fortinet_antivirus 4.2.254.0
kaspersky kaspersky_anti-virus 7.0.0.125
aladdin esafe 7.0.17.0
rising-global rising_antivirus 22.83.00.03
mcafee scan_engine 5.400.0.1158
f-secure f-secure_anti-virus 9.0.16160.0
CVE-2012-1443 MEDIUM

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
antiy avl_sdk 2.0.3.7
emsisoft anti-malware 5.1.0.1
pc_tools pc_tools_antivirus 7.0.3.5
ahnlab v3_internet_security 2011.01.18.00
cat quick_heal 11.00
jiangmin jiangmin_antivirus 13.0.900
avira antivir 7.11.1.163
aladdin esafe 7.0.17.0
mcafee scan_engine 5.400.0.1158
f-secure f-secure_anti-virus 9.0.16160.0
sophos sophos_anti-virus 4.61.0
comodo comodo_antivirus 7424
pandasecurity panda_antivirus 10.0.2.7
mcafee gateway 2010.1c
gdata-software g_data_antivirus 21
virusbuster virusbuster 13.6.151.0
alwil avast_antivirus 5.0.677.0
fortinet fortinet_antivirus 4.2.254.0
kaspersky kaspersky_anti-virus 7.0.0.125
alwil avast_antivirus 4.8.1351.0
authentium command_antivirus 5.2.11.5
bitdefender bitdefender 7.2
avg avg_anti-virus 10.0.0.1190
microsoft security_essentials 2.0
norman norman_antivirus_&_antispyware 6.06.12
trendmicro trend_micro_antivirus 9.120.0.1004
eset nod32_antivirus 5795
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
clamav clamav 0.96.4
k7computing antivirus 9.77.3565
f-prot f-prot_antivirus 4.6.2.117
nprotect nprotect_antivirus 2011-01-17.01
rising-global rising_antivirus 22.83.00.03
anti-virus vba32 3.12.14.2
trendmicro housecall 9.120.0.1004
symantec endpoint_protection 11.0
CVE-2012-1459 MEDIUM

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
antiy avl_sdk 2.0.3.7
emsisoft anti-malware 5.1.0.1
pc_tools pc_tools_antivirus 7.0.3.5
ahnlab v3_internet_security 2011.01.18.00
cat quick_heal 11.00
jiangmin jiangmin_antivirus 13.0.900
avira antivir 7.11.1.163
mcafee scan_engine 5.400.0.1158
f-secure f-secure_anti-virus 9.0.16160.0
sophos sophos_anti-virus 4.61.0
comodo comodo_antivirus 7424
pandasecurity panda_antivirus 10.0.2.7
mcafee gateway 2010.1c
gdata-software g_data_antivirus 21
virusbuster virusbuster 13.6.151.0
alwil avast_antivirus 5.0.677.0
fortinet fortinet_antivirus 4.2.254.0
kaspersky kaspersky_anti-virus 7.0.0.125
alwil avast_antivirus 4.8.1351.0
authentium command_antivirus 5.2.11.5
bitdefender bitdefender 7.2
avg avg_anti-virus 10.0.0.1190
microsoft security_essentials 2.0
norman norman_antivirus_&_antispyware 6.06.12
trendmicro trend_micro_antivirus 9.120.0.1004
eset nod32_antivirus 5795
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
clamav clamav 0.96.4
k7computing antivirus 9.77.3565
f-prot f-prot_antivirus 4.6.2.117
nprotect nprotect_antivirus 2011-01-17.01
rising-global rising_antivirus 22.83.00.03
anti-virus vba32 3.12.14.2
trendmicro housecall 9.120.0.1004
symantec endpoint_protection 11.0
CVE-2012-1461 MEDIUM

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
authentium command_antivirus 5.2.11.5
emsisoft anti-malware 5.1.0.1
bitdefender bitdefender 7.2
avg avg_anti-virus 10.0.0.1190
jiangmin jiangmin_antivirus 13.0.900
norman norman_antivirus_&_antispyware 6.06.12
mcafee scan_engine 5.400.0.1158
f-secure f-secure_anti-virus 9.0.16160.0
trendmicro trend_micro_antivirus 9.120.0.1004
sophos sophos_anti-virus 4.61.0
eset nod32_antivirus 5795
ikarus ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
k7computing antivirus 9.77.3565
mcafee gateway 2010.1c
fortinet fortinet_antivirus 4.2.254.0
kaspersky kaspersky_anti-virus 7.0.0.125
rising-global rising_antivirus 22.83.00.03
anti-virus vba32 3.12.14.2
trendmicro housecall 9.120.0.1004
symantec endpoint_protection 11.0
CVE-2012-1463 MEDIUM

The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
authentium command_antivirus 5.2.11.5
bitdefender bitdefender 7.2
ahnlab v3_internet_security 2011.01.18.00
cat quick_heal 11.00
aladdin esafe 7.0.17.0
norman norman_antivirus_&_antispyware 6.06.12
mcafee scan_engine 5.400.0.1158
f-secure f-secure_anti-virus 9.0.16160.0
comodo comodo_antivirus 7424
pandasecurity panda_antivirus 10.0.2.7
f-prot f-prot_antivirus 4.6.2.117
nprotect nprotect_antivirus 2011-01-17.01
CVE-2012-6646 LOW

F-Secure Anti-Virus, Safe Anywhere, and PSB Workstation Security before 11500 for Mac OS X allows local users to disable the Mac OS X firewall via unspecified vectors.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure psb_workstation_security -
f-secure safe_anywhere -
f-secure anti-virus -
CVE-2013-7369 HIGH

SQL injection vulnerability in an unspecified DLL in the FSDBCom ActiveX control in F-Secure Anti-Virus for Microsoft Exchange Server before HF02, Anti-Virus for Windows Servers 9.00 before HF09, Anti-Virus for Citrix Servers 9.00 before HF09, and F-Secure Email and Server Security and F-Secure Server Security 9.20 before HF01 allows remote attackers to execute arbitrary SQL commands via unknown vectors, related to GetCommand.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
f-secure anti-virus 9.00
f-secure anti-virus 9.10
f-secure email_and_server_security 9.20
f-secure server_security 9.20
CVE-2014-2844 LOW

Cross-site scripting (XSS) vulnerability in F-Secure Messaging Secure Gateway 7.5.0 before Patch 1862 allows remote authenticated administrators to inject arbitrary web script or HTML via the new parameter in the SysUser module to admin.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
f-secure secure_messaging_secure_gateway 7.5.0
CVE-2015-8264 MEDIUM

Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as F-SecureOnlineScanner.exe.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-426,

Products Affected

Vendor Product Version
f-secure f-secure_online_scanner -
CVE-2017-6466 HIGH

F-Secure Software Updater 2.20, as distributed in several F-Secure products, downloads installation packages over plain http and does not perform file integrity validation after download. Man-in-the-middle attackers can replace the file with their own executable which will be executed under the SYSTEM account. Note that when Software Updater is configured to install updates automatically, it checks if the downloaded file is digitally signed by default, but does not check the author of the signature. When running in manual mode (default), no signature check is performed.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
f-secure software_updater 2.20
CVE-2018-10403 MEDIUM

An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
f-secure xfence -
CVE-2018-6189 MEDIUM

F-Secure Radar (on-premises) before 2018-02-15 has XSS via vectors involving the Tags parameter in the JSON request body in an outbound request for the /api/latest/vulnerabilityscans/tags/batch resource, aka a "suggested metadata tags for assets" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
f-secure radar *
CVE-2018-6324 MEDIUM

F-Secure Radar (on-premises) before 2018-02-15 has an Unvalidated Redirect via the ReturnUrl parameter that triggers upon a user login.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
f-secure radar *
CVE-2019-11644 MEDIUM

In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F-Secure Internet Security before 17.6, F-Secure Anti-Virus before 17.6, F-Secure Client Security Standard and Premium before 14.10, F-Secure PSB Workstation Security before 12.01, and F-Secure Computer Protection Standard and Premium before 19.3, a local user can escalate their privileges through a DLL hijacking attack against the installer. The installer writes the file rm.exe to C:\Windows\Temp and then executes it. The rm.exe process then attempts to load several DLLs from its current directory. Non-admin users are able to write to this folder, so an attacker can create a malicious C:\Windows\Temp\OLEACC.dll file. When an admin runs the installer, rm.exe will execute the attacker's DLL in an elevated security context.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-427,

Products Affected

Vendor Product Version
f-secure psb_workstation_security *
f-secure safe *
f-secure computer_protection *
f-secure internet_security *
f-secure client_security *
CVE-2020-14977 HIGH

An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allows an attacker to perform a PID reuse attack and connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure safe 17.7
CVE-2020-14978 HIGH

An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure safe 17.7
CVE-2020-9342 MEDIUM

The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-436,

Products Affected

Vendor Product Version
f-secure cloud_protection_for_salesforce *
f-secure email_and_server_security *
f-secure internet_gatekeeper *
CVE-2021-33572 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the FSAVD component used in certain F-Secure products can crash while scanning larger packages/fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 2.1 1.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
f-secure elements_for_microsoft_365 -
f-secure endpoint_protection *
f-secure cloud_protection_for_salesforce -
f-secure linux_security -
CVE-2021-33594 LOW

An address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted a malicious URL, it appears like a legitimate one on the address bar, while the content comes from other domain and presented in a window, covering the original content. A remote attacker can leverage this to perform address bar spoofing attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 2.1 1.4
nvd@nist.gov 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 2.1 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2021-33595 LOW

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 2.1 1.4
nvd@nist.gov 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 2.1 1.4

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2021-33596 LOW

Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. Exploiting the vulnerability requires the user to click on a specially crafted, seemingly legitimate URL containing an embedded malicious redirect while using F-Secure Safe Browser for iOS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N 2.3 1.4
cve-notifications-us@f-secure.com 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N 2.1 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2021-33597 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6
cve-notifications-us@f-secure.com 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N 2.1 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure client_security -
f-secure business_suite -
f-secure elements_endpoint_protection -
f-secure linux_security -
CVE-2021-33598 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in all versions of F-Secure Atlant whereby the SAVAPI component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 2.8 3.6
cve-notifications-us@f-secure.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 2.1 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection -
f-secure linux_security -
f-secure atlant *
CVE-2021-33599 MEDIUM

A vulnerability affecting F-Secure Antivirus engine was discovered whereby scanning WIM archive file can lead to denial-of-service (infinite loop and freezes AV engine scanner). The vulnerability can be exploit remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6
cve-notifications-us@f-secure.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 2.1 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-835,

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection -
f-secure cloud_protection_for_salesforce -
f-secure linux_security -
f-secure atlant -
CVE-2021-33600 MEDIUM

A denial-of-service (DoS) vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. The vulnerability occurs because of an attacker can trigger assertion via malformed HTTP packet to web interface. An unauthenticated attacker could exploit this vulnerability by sending a large username parameter. A successful exploitation could lead to a denial-of-service of the product.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-617,

Products Affected

Vendor Product Version
f-secure internet_gatekeeper *
CVE-2021-33601 MEDIUM

A vulnerability was discovered in the web user interface of F-Secure Internet Gatekeeper. An authenticated user can modify settings through the web user interface in a way that could lead to an arbitrary code execution on the F-Secure Internet Gatekeeper server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9
cve-notifications-us@f-secure.com 7.6 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:H 2.1 5.5

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure internet_gatekeeper *
CVE-2021-33602 MEDIUM

A vulnerability affecting the F-Secure Antivirus engine was discovered when the engine tries to unpack a zip archive (LZW decompression method), and this can crash the scanning engine. The vulnerability can be exploited remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4
cve-notifications-us@f-secure.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 2.1 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure cloud_protection *
f-secure linux_security *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2021-33603 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 2.1 3.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection -
f-secure elements_for_microsoft_365 -
f-secure cloud_protection_for_salesforce -
f-secure internet_gatekeeper -
f-secure elements_endpoint_detection_and_response -
f-secure linux_security -
f-secure atlant -
CVE-2021-40832 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 2.1 3.4
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection -
f-secure elements_for_microsoft_365 -
f-secure cloud_protection_for_salesforce -
f-secure internet_gatekeeper -
f-secure elements_endpoint_detection_and_response -
f-secure linux_security -
f-secure atlant -
CVE-2021-40833 MEDIUM

A vulnerability affecting F-Secure antivirus engine was discovered whereby unpacking UPX file can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 2.1 3.4
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-404,

Products Affected

Vendor Product Version
f-secure linux_security_64 -
f-secure elements_endpoint_protection -
f-secure internet_gatekeeper -
f-secure linux_security -
f-secure atlant -
CVE-2021-40834 MEDIUM

A user interface overlay vulnerability was discovered in F-secure SAFE Browser for Android. When user click on a specially crafted seemingly legitimate URL SAFE browser goes into full screen and hides the user interface. A remote attacker can leverage this to perform spoofing attack.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1021,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2021-40835 MEDIUM

An URL Address bar spoofing vulnerability was discovered in Safe Browser for iOS. When user clicks on a specially crafted a malicious URL, if user does not carefully pay attention to url, user may be tricked to think content may be coming from a valid domain, while it comes from another. This is performed by using a very long username part of the url so that user cannot see the domain name. A remote attacker can leverage this to perform url address bar spoofing attack. The fix is, browser no longer shows the user name part in address bar.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4
cve-notifications-us@f-secure.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N 2.1 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2021-40836 MEDIUM

A vulnerability affecting F-Secure antivirus engine was discovered whereby scanning MS outlook .pst files can lead to denial-of-service. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L 2.1 2.5
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure elements_endpoint_detection_and_response *
f-secure elements_endpoint_protection *
f-secure linux_security *
f-secure linux_security_64 *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2021-40837 MEDIUM

A vulnerability affecting F-Secure antivirus engine before Capricorn update 2022-02-01_01 was discovered whereby decompression of ACE file causes the scanner service to stop. The vulnerability can be exploited remotely by an attacker. A successful attack will result in denial-of-service of the antivirus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L 2.1 2.5
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure elements_endpoint_detection_and_response *
f-secure elements_endpoint_protection *
f-secure security_cloud *
f-secure linux_security *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2021-44747 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Linux Security whereby the Fmlib component used in certain F-Secure products can crash while scanning fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service of the Anti-Virus engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6
cve-notifications-us@f-secure.com 4.6 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L 2.1 2.5

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection *
f-secure security_cloud *
f-secure linux_security *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2021-44748 MEDIUM

A vulnerability affecting F-Secure SAFE browser was discovered whereby browsers loads images automatically this vulnerability can be exploited remotely by an attacker to execute the JavaScript can be used to trigger universal cross-site scripting through the browser. User interaction is required prior to exploitation, such as entering a malicious website to trigger the vulnerability.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7
cve-notifications-us@f-secure.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 2.1 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
f-secure safe 18.5
CVE-2021-44749 MEDIUM

A vulnerability affecting F-Secure SAFE browser protection was discovered improper URL handling can be triggered to cause universal cross-site scripting through browsing protection in a SAFE web browser. User interaction is required prior to exploitation. A successful exploitation may lead to arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.6 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H 2.8 6.0
cve-notifications-us@f-secure.com 5.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L 2.1 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
f-secure safe 18.5
CVE-2021-44750 HIGH

An arbitrary code execution vulnerability was found in the F-Secure Support Tool. A standard user can craft a special configuration file, which when run by administrator can execute any commands.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.3 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H 1.3 5.9
cve-notifications-us@f-secure.com 6.4 MEDIUM CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H 0.5 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure client_security -
f-secure email_and_server_security -
f-secure server_security -
f-secure countercept -
f-secure elements -
CVE-2021-44751 MEDIUM

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website attached with USSD code in JavaScript or iFrame can trigger dialer application from F-Secure browser which can be exploited by an attacker to send unwanted USSD messages or perform unwanted calls. In most modern Android OS, dialer application will require user interaction, however, some older Android OS may not need user interaction.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-28868 MEDIUM

An Address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted malicious webpage/URL, user may be tricked for a short period of time (until the page loads) to think content may be coming from a valid domain, while the content comes from the attacker controlled site.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-28869 MEDIUM

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-28870 MEDIUM

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N 2.8 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-28871 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-770,

Products Affected

Vendor Product Version
f-secure atlant -
CVE-2022-28872 MEDIUM

A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-28873 MEDIUM

A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N 2.8 1.4
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-28874 MEDIUM

Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection *
withsecure elements_collaboration_protection *
withsecure cloud_protection_for_salesforce *
f-secure linux_security *
f-secure atlant *
CVE-2022-28875 MEDIUM

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-404,

Products Affected

Vendor Product Version
f-secure elements_collaboration_protection -
f-secure elements_endpoint_protection -
f-secure cloud_protection_for_salesforce -
f-secure internet_gatekeeper -
f-secure elements_endpoint_detection_and_response -
f-secure linux_security -
f-secure atlant -
CVE-2022-28876

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aeheur.dll component can crash the scanning engine. The exploit can be triggered remotely by an attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
f-secure cloud_protection_for_salesforce *
f-secure elements_endpoint_protection *
f-secure elements_collaboration_protection *
f-secure linux_security *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2022-28877

This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.7 MEDIUM CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.8 5.9
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection *
CVE-2022-28878

A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
f-secure linux_security_64 -
f-secure elements_collaboration_protection -
f-secure elements_endpoint_protection -
f-secure cloud_protection_for_salesforce -
f-secure internet_gatekeeper -
f-secure linux_security -
f-secure atlant -
CVE-2022-28879

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure linux_security_64 -
f-secure elements_collaboration_protection -
f-secure elements_endpoint_protection -
f-secure cloud_protection_for_salesforce -
f-secure internet_gatekeeper -
f-secure linux_security -
f-secure atlant -
CVE-2022-28880

A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files it is possible that can crash the scanning engine. The exploit can be triggered remotely by an attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
f-secure cloud_protection_for_salesforce *
f-secure elements_endpoint_detection_and_response *
f-secure elements_endpoint_protection *
f-secure elements_collaboration_protection *
f-secure linux_security *
f-secure linux_security_64 *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2022-28881

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine crash. The exploit can be triggered remotely by an attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure cloud_protection_for_salesforce *
f-secure elements_endpoint_detection_and_response *
f-secure elements_endpoint_protection *
f-secure elements_collaboration_protection *
f-secure linux_security *
f-secure linux_security_64 *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2022-28882

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure cloud_protection_for_salesforce *
f-secure elements_endpoint_protection *
f-secure elements_collaboration_protection *
f-secure linux_security *
f-secure linux_security_64 *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2022-28883

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cve-notifications-us@f-secure.com 3.5 LOW CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:L 0.9 2.5
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure cloud_protection_for_salesforce *
f-secure elements_endpoint_protection *
f-secure elements_collaboration_protection *
f-secure linux_security *
f-secure linux_security_64 *
f-secure atlant *
f-secure internet_gatekeeper *
CVE-2022-28884

A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
withsecure elements_endpoint_protection *
withsecure business_suite -
f-secure internet_gatekeeper -
f-secure linux_security -
CVE-2022-28885

A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing the scanning request.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
f-secure linux_security -
f-secure atlant -
CVE-2022-28886

A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.so/aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
f-secure cloud_protection_for_salesforce *
f-secure collaboration_protection *
f-secure elements_endpoint_protection *
f-secure linux_security *
f-secure internet_gatekeeper -
CVE-2022-28887

Multiple Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl.dll unpacker handler function crashes. This can lead to a possible scanning engine crash.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
cve-notifications-us@f-secure.com 4.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L 0.9 3.4

Products Affected

Vendor Product Version
f-secure linux_security_64 -
f-secure elements_endpoint_protection -
f-secure internet_gatekeeper -
f-secure elements_endpoint_detection_and_response -
f-secure linux_security -
f-secure atlant -
CVE-2022-38163

A Drag and Drop spoof vulnerability was discovered in F-Secure SAFE Browser for Android and iOS version 19.0 and below. Drag and drop operation by user on address bar could lead to a spoofing of the address bar.

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-38164

A vulnerability affecting F-Secure SAFE browser for Android and iOS was discovered. A maliciously crafted website could make a phishing attack with URL spoofing as the browser only display certain part of the entire URL.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 2.8 3.6

Products Affected

Vendor Product Version
f-secure safe *
CVE-2022-38166

In F-Secure Endpoint Protection for Windows and macOS before channel with Capricorn database 2022-11-22_07, the aerdl.dll unpacker handler crashes. This can lead to a scanning engine crash, triggerable remotely by an attacker for denial of service.

Products Affected

Vendor Product Version
f-secure elements_endpoint_protection -
CVE-2022-45871

A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing ICAP request. The exploit can be triggered remotely by an attacker.

Products Affected

Vendor Product Version
f-secure atlant -
CVE-2022-47524

F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack.

Products Affected

Vendor Product Version
f-secure safe *
CVE-2023-43760

Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure linux_security_64 12.0
f-secure elements_endpoint_protection *
f-secure atlant 1.0.35-1
f-secure email_and_server_security 15.00
f-secure linux_protection 12.0
f-secure client_security 15.00
f-secure server_security 15.00
CVE-2023-43761

Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure linux_security_64 12.0
f-secure elements_endpoint_protection *
f-secure atlant 1.0.35-1
f-secure email_and_server_security 15.00
f-secure linux_protection 12.0
f-secure client_security 15.00
f-secure server_security 15.00
CVE-2023-43765

Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure linux_security_64 12.0
f-secure elements_endpoint_protection *
f-secure atlant 1.0.35-1
f-secure email_and_server_security 15.00
f-secure linux_protection 12.0
f-secure client_security 15.00
f-secure server_security 15.00
CVE-2023-43766

Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

Products Affected

Vendor Product Version
f-secure linux_security_64 12.0
f-secure elements_endpoint_protection *
f-secure atlant 1.0.35-1
f-secure email_and_server_security 15.00
f-secure linux_protection 12.0
f-secure client_security 15.00
f-secure server_security 15.00
CVE-2023-43767

Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure linux_security_64 12.0
f-secure elements_endpoint_protection *
f-secure atlant 1.0.35-1
f-secure email_and_server_security 15.00
f-secure linux_protection 12.0
f-secure client_security 15.00
f-secure server_security 15.00
CVE-2023-49321

Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

Products Affected

Vendor Product Version
f-secure linux_security_64 12.0
f-secure elements_endpoint_protection *
f-secure atlant 1.0.35-1
f-secure email_and_server_security 15.00
f-secure linux_protection 12.0
f-secure client_security 15.00
f-secure server_security 15.00
CVE-2023-49322

Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

Products Affected

Vendor Product Version
f-secure linux_security_64 12.0
f-secure elements_endpoint_protection *
f-secure atlant 1.0.35-1
f-secure email_and_server_security 15.00
f-secure linux_protection 12.0
f-secure client_security 15.00
f-secure server_security 15.00
CVE-2024-7240

F-Secure Total Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of F-Secure Total. User interaction on the part of an administrator is required to exploit this vulnerability. The specific flaw exists within the WithSecure plugin hosting service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-23005.

Products Affected

Vendor Product Version
f-secure total 19.2