VYPR

Vendor CVEs

F-Secure

All CVEs

128 total · sorted by risk
  • CVE-2007-2965May 31, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to…

  • CVE-2007-2966May 31, 2007
    risk 0.00cvss epss 0.05

    Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer…

  • CVE-2007-2967May 31, 2007
    risk 0.00cvss epss 0.05

    Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.

  • CVE-2007-1557Mar 21, 2007
    risk 0.00cvss epss 0.00

    Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page.

  • CVE-2006-6407Dec 10, 2006
    risk 0.00cvss epss 0.02

    F-Prot Antivirus for Linux x86 Mail Servers 4.6.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

  • CVE-2006-6409Dec 10, 2006
    risk 0.00cvss epss 0.04

    F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the…

  • CVE-2006-3490Jul 10, 2006
    risk 0.00cvss epss 0.02

    F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to…

  • CVE-2006-3489Jul 10, 2006
    risk 0.00cvss epss 0.02

    F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier allows remote attackers to bypass anti-virus scanning via a crafted filename.

  • CVE-2006-2838Jun 6, 2006
    risk 0.00cvss epss 0.06

    Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By…

  • CVE-2006-0338Jan 21, 2006
    risk 0.00cvss epss 0.03

    Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data…

  • CVE-2006-0337Jan 21, 2006
    risk 0.00cvss epss 0.06

    Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute…

  • CVE-2005-3664Nov 18, 2005
    risk 0.00cvss epss 0.04

    Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.

  • CVE-2005-3468Nov 2, 2005
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files.

  • CVE-2005-2771Sep 2, 2005
    risk 0.00cvss epss 0.05

    WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to…

  • CVE-2005-0350May 2, 2005
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.

  • CVE-2004-2405Dec 31, 2004
    risk 0.00cvss epss 0.02

    Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.

  • CVE-2004-2276Dec 31, 2004
    risk 0.00cvss epss 0.00

    F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection.

  • CVE-2004-1762Dec 31, 2004
    risk 0.00cvss epss 0.03

    Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV.

  • CVE-2004-2220Dec 31, 2004
    risk 0.00cvss epss 0.02

    F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection.

  • CVE-2004-0051Oct 20, 2004
    risk 0.00cvss epss 0.02

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be…

  • CVE-2004-0162Oct 20, 2004
    risk 0.00cvss epss 0.02

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.

  • CVE-2004-0052Oct 20, 2004
    risk 0.00cvss epss 0.02

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be…

  • CVE-2004-0161Oct 20, 2004
    risk 0.00cvss epss 0.02

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.

  • CVE-2003-1016Oct 20, 2004
    risk 0.00cvss epss 0.02

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3)…

  • CVE-2003-1015Oct 20, 2004
    risk 0.00cvss epss 0.02

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.

  • CVE-2004-0053Oct 20, 2004
    risk 0.00cvss epss 0.02

    Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.

  • CVE-2004-0830Sep 9, 2004
    risk 0.00cvss epss 0.02

    The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to…

  • CVE-2004-0235Aug 18, 2004
    risk 0.00cvss epss 0.04

    Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

Page 3 of 3