Vulnerability Details CVE-2006-0338
Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/18529
- http://securitytracker.com/id?1015507
- http://securitytracker.com/id?1015508
- http://securitytracker.com/id?1015509
- http://securitytracker.com/id?1015510
- http://www.ciac.org/ciac/bulletins/q-103.shtml
- http://www.f-secure.com/security/fsc-2006-1.shtml
- http://www.osvdb.org/22633
- http://www.securityfocus.com/bid/16309
- http://www.vupen.com/english/advisories/2006/0257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24199
- http://secunia.com/advisories/18529
- http://securitytracker.com/id?1015507
- http://securitytracker.com/id?1015508
- http://securitytracker.com/id?1015509
- http://securitytracker.com/id?1015510
- http://www.ciac.org/ciac/bulletins/q-103.shtml
- http://www.f-secure.com/security/fsc-2006-1.shtml
- http://www.osvdb.org/22633
- http://www.securityfocus.com/bid/16309
- http://www.vupen.com/english/advisories/2006/0257
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24199
Products affected by CVE-2006-0338
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2003
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2004
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2005
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.51
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.52
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.60
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.61
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.62
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.64
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.0
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.11
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.41
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.42
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.43
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.44
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.5
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.52
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.55
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.01
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.2
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.21
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.31
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.40
-
cpe:2.3:a:f-secure:f-secure_internet_security:2004
-
cpe:2.3:a:f-secure:f-secure_internet_security:2005
-
cpe:2.3:a:f-secure:f-secure_internet_security:2006
-
cpe:2.3:a:f-secure:f-secure_personal_express:4.5
-
cpe:2.3:a:f-secure:f-secure_personal_express:4.6
-
cpe:2.3:a:f-secure:f-secure_personal_express:4.7
-
cpe:2.3:a:f-secure:f-secure_personal_express:5.0
-
cpe:2.3:a:f-secure:internet_gatekeeper:2.06
-
cpe:2.3:a:f-secure:internet_gatekeeper:2.14
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.32
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.41
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.42