Unrated severityNVD Advisory· Published Jun 6, 2006· Updated Apr 16, 2026

CVE-2006-2838

Description

Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host.

Affected products

F-Secure/Anti Virus
cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*
F-Secure/Internet Gatekeeper4 versions
cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:6.50:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/20407nvdPatchVendor Advisory
securitytracker.com/idnvdPatch
www.f-secure.com/security/fsc-2006-3.shtmlnvdPatch
securitytracker.com/idnvd
www.vupen.com/english/advisories/2006/2076nvd
exchange.xforce.ibmcloud.com/vulnerabilities/26799nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000