CVE-2006-6408 — LAB Kaspersky Anti-virus vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 39.81%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Kaspersky LAB Kaspersky Anti-virus

Timeline

PublishedDec 10

Latest updateMay 1

Description

Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDkaspersky_lab/kaspersky_anti-virus5.5.10

🔴Vulnerability Details

GHSA

GHSA-5hgh-p589-mcv4: Kaspersky Anti-Virus for Linux Mail Servers 5↗2022-05-01

▶

CVEList

CVE-2006-6408: Kaspersky Anti-Virus for Linux Mail Servers 5↗2006-12-10

▶