CVE-2008-0910

CWE-2643 documents3 sources

Severity

7.5HIGH

EPSS

0.7%

top 27.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F-secure F-secure Protection Service FOR Business F-secure F-secure Protection Service FOR Consumers F-secure F-secure Anti-virus +5 more

Timeline

PublishedFeb 22

Latest updateMay 1

Description

Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages5 packages

▶NVDf-secure/f-secure_anti-virus_client_security4 versions+3

▶NVDf-secure/f-secure_anti-virus_linux_client_security5.52, 5.53+1

▶NVDf-secure/f-secure_anti-virus7 versions+6

▶NVDf-secure/f-secure_protection_service3.00

▶NVDf-secure/f-secure_internet_security2006, 2007, 2008+2

Patches

Patch: www.f-secure.com ↗Patch: www.f-secure.com ↗

🔴Vulnerability Details

GHSA

GHSA-m8c8-vwp2-gj7m: Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and o↗2022-05-01

▶

CVEList

CVE-2008-0910: Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and o↗2008-02-22

▶