CVE-2008-0792

CWE-2645 documents4 sources

Severity

5.8MEDIUM

EPSS

0.6%

top 31.20%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F-secure F-secure Protection Service FOR Business F-secure F-secure Protection Service FOR Consumers F-secure F-secure Anti-virus +5 more

Timeline

PublishedFeb 15

Latest updateMay 1

Description

Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages5 packages

▶NVDf-secure/f-secure_anti-virus_client_security4 versions+3

▶NVDf-secure/f-secure_anti-virus_linux_client_security5.52, 5.53+1

▶NVDf-secure/f-secure_anti-virus7 versions+6

▶NVDf-secure/f-secure_protection_service3.00

▶NVDf-secure/f-secure_internet_security2006, 2007, 2008+2

Patches

Patch: www.f-secure.com ↗Patch: www.f-secure.com ↗

🔴Vulnerability Details

GHSA

GHSA-ggq4-3r94-cq28: Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and o↗2022-05-01

▶

CVEList

CVE-2008-0792: Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and o↗2008-02-15

▶

💬Community

Bugzilla

CVE-2008-6679 CVE-2009-0196 CVE-2009-0792 ghostscript various flaws [F9]↗2009-04-15

▶

Bugzilla

CVE-2008-6679 CVE-2009-0196 CVE-2009-0792 ghostscript various flaws [F10]↗2009-04-15

▶