F-Secure: Security Vulnerabilities
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
CVSS Score
7.5
EPSS Score
0.08
Published
2005-11-18
suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux before 2.15.484 and (2) Anti-Virus Linux Gateway before 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege.
CVSS Score
7.2
EPSS Score
0.004
Published
2005-11-16
Directory traversal vulnerability in F-Secure Anti-Virus for Microsoft Exchange 6.40 and Internet Gatekeeper 6.40 to 6.42 allows limited remote attackers to bypass Web Console authentication and read files.
CVSS Score
5.0
EPSS Score
0.008
Published
2005-11-02
WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be denied.
CVSS Score
10.0
EPSS Score
0.018
Published
2005-09-02
Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.
CVSS Score
7.5
EPSS Score
0.031
Published
2005-05-02
The Management Agent in F-Secure Policy Manager 5.11.2810 allows remote attackers to gain sensitive information, such as the absolute path for the web server, via an HTTP request to fsmsh.dll without any parameters.
CVSS Score
5.0
EPSS Score
0.036
Published
2005-01-10
Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV.
CVSS Score
7.5
EPSS Score
0.006
Published
2004-12-31
F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection.
CVSS Score
5.0
EPSS Score
0.007
Published
2004-12-31
F-Secure Anti-Virus 5.41 and 5.42 on Windows, Client Security 5.50 and 5.52, 4.60 for Samba Servers, and 4.52 and earlier for Linux does not properly detect certain viruses in a PKZip archive, which allows viruses such as Sober.D and Sober.G to bypass initial detection.
CVSS Score
2.1
EPSS Score
0.001
Published
2004-12-31
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.
CVSS Score
6.4
EPSS Score
0.003
Published
2004-12-31