CVE-2006-3490 — Anti-virus vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.3%

top 19.96%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F-secure Anti-virus F-secure Internet Security

Timeline

PublishedJul 10

Latest updateMay 1

Description

F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDf-secure/f-secure_anti-virus5.44+10

▶NVDf-secure/f-secure_internet_security4 versions+3

Patches

Patch: www.f-secure.com ↗Patch: www.f-secure.com ↗

🔴Vulnerability Details

GHSA

GHSA-cq8g-mwjh-cwqg: F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6↗2022-05-01

▶

CVEList

CVE-2006-3490: F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6↗2006-07-10

▶