Vulnerability Details CVE-2006-0337
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.064
EPSS Ranking 90.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/18529
- http://securitytracker.com/id?1015507
- http://securitytracker.com/id?1015508
- http://securitytracker.com/id?1015509
- http://securitytracker.com/id?1015510
- http://www.ciac.org/ciac/bulletins/q-103.shtml
- http://www.f-secure.com/security/fsc-2006-1.shtml
- http://www.osvdb.org/22632
- http://www.securityfocus.com/bid/16309
- http://www.vupen.com/english/advisories/2006/0257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24198
- http://secunia.com/advisories/18529
- http://securitytracker.com/id?1015507
- http://securitytracker.com/id?1015508
- http://securitytracker.com/id?1015509
- http://securitytracker.com/id?1015510
- http://www.ciac.org/ciac/bulletins/q-103.shtml
- http://www.f-secure.com/security/fsc-2006-1.shtml
- http://www.osvdb.org/22632
- http://www.securityfocus.com/bid/16309
- http://www.vupen.com/english/advisories/2006/0257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24198
Products affected by CVE-2006-0337
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2.16
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2004
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2005
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2006
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.51
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.52
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.61
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.62
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.64
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.0
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.01
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.11
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.40
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.41
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.42
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.43
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.44
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.5
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.51
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.52
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.54
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.55
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.61
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.01
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.2
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.21
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.31
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.40
-
cpe:2.3:a:f-secure:f-secure_internet_security:2004
-
cpe:2.3:a:f-secure:f-secure_internet_security:2005
-
cpe:2.3:a:f-secure:f-secure_internet_security:2006
-
cpe:2.3:a:f-secure:internet_gatekeeper:2.06
-
cpe:2.3:a:f-secure:internet_gatekeeper:2.14
-
cpe:2.3:a:f-secure:internet_gatekeeper:2.6
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.3
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.31
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.32
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.4
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.41
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.42
-
cpe:2.3:a:f-secure:solutions_based_on_f-secure_personal_express:6.20