F-Secure Anti-Virus vulnerabilities
34 known vulnerabilities affecting f-secure/f-secure_anti-virus.
Total CVEs
34
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL4HIGH10MEDIUM19LOW1
Vulnerabilities
Page 1 of 2
CVE-2012-1461P2MEDIUMCVSS 4.3Exploitedv9.0.16160.02012-03-21
CVE-2012-1461 [MEDIUM] CWE-264 CVE-2012-1461: The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Ems
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Sc
nvd
CVE-2012-1459P3MEDIUMCVSS 4.3v9.0.16160.02012-03-21
CVE-2012-1459 [MEDIUM] CWE-264 CVE-2012-1459: The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy La
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Ant
nvd
CVE-2012-1443P3MEDIUMCVSS 4.3v9.0.16160.02012-03-21
CVE-2012-1443 [MEDIUM] CWE-264 CVE-2012-1443: The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 1
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.
nvd
CVE-2012-1463P3MEDIUMCVSS 4.3v9.0.16160.02012-03-21
CVE-2012-1463 [MEDIUM] CWE-264 CVE-2012-1463: The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka C
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17
nvd
CVE-2012-1442P3MEDIUMCVSS 4.3v9.0.16160.02012-03-21
CVE-2012-1442 [MEDIUM] CWE-264 CVE-2012-1442: The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and
nvd
CVE-2012-1431P3MEDIUMCVSS 4.3v9.0.16160.02012-03-21
CVE-2012-1431 [MEDIUM] CWE-264 CVE-2012-1431: The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware dete
nvd
CVE-2012-1429P3MEDIUMCVSS 4.3v9.0.16160.02012-03-21
CVE-2012-1429 [MEDIUM] CWE-264 CVE-2012-1429: The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers
nvd
CVE-2004-2442P4MEDIUMCVSS 5.0PoCv4.51v4.52+17 more2004-12-31
CVE-2004-2442 [MEDIUM] CVE-2004-2442: Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 an
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global he
nvd
CVE-2008-6085P3HIGHCVSS 7.6v7.02v2006+3 more2009-02-06
CVE-2008-6085 [HIGH] CWE-189 CVE-2008-6085: Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
nvd
CVE-2004-0234P3CRITICALCVSS 10.0v4.51v4.52+8 more2004-08-18
CVE-2004-0234 [CRITICAL] CWE-119 CVE-2004-0234: Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used i
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
nvd
CVE-2006-0337P3HIGHCVSS 7.5v2.16v4.51+28 more2006-01-21
CVE-2006-0337 [HIGH] CVE-2006-0337: Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, includi
Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.
nvd
CVE-2007-2966P3HIGHCVSS 7.5≤ 4.65≤ 5.42+7 more2007-05-31
CVE-2007-2966 [HIGH] CVE-2007-2966: Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Win
Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335.
nvd
CVE-2005-3664P3HIGHCVSS 7.5v4.502005-11-18
CVE-2005-3664 [HIGH] CVE-2005-3664: Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, An
Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.
nvd
CVE-2007-3300P3CRITICALCVSS 9.3v2.16v4.51+33 more2007-06-20
CVE-2007-3300 [CRITICAL] CVE-2007-3300: Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote a
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
nvd
CVE-2007-2967P3CRITICALCVSS 10.0≤ 4.65≤ 5.42+7 more2007-05-31
CVE-2007-2967 [CRITICAL] CWE-20 CVE-2007-2967: Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote a
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.
nvd
CVE-2005-0350P4HIGHCVSS 7.5≤ 4.52≤ 4.61+11 more2005-05-02
CVE-2005-0350 [HIGH] CVE-2005-0350: Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows rem
Heap-based buffer overflow in multiple F-Secure Anti-Virus and Internet Security products allows remote attackers to execute arbitrary code via a crafted ARJ archive.
nvd
CVE-2006-2838P4HIGHCVSS 7.6v6.402006-06-06
CVE-2006-2838 [HIGH] CVE-2006-2838: Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet
Buffer overflow in the web console in F-Secure Anti-Virus for Microsoft Exchange 6.40, and Internet Gatekeeper 6.40 through 6.42 and 6.50 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown attack vectors. NOTE: By default, the connections are only allowed from the local host.
nvd
CVE-2008-0910P4HIGHCVSS 7.5v2006v2007+1 more2008-02-22
CVE-2008-0910 [HIGH] CVE-2008-0910: Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 200
Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792.
nvd
CVE-2006-6409P4CRITICALCVSS 10.0v4.652006-12-10
CVE-2006-6409 [CRITICAL] CVE-2006-6409: F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (po
F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
nvd
CVE-2008-1412P4MEDIUMCVSS 6.8v2006v2007+1 more2008-03-20
CVE-2008-1412 [MEDIUM] CWE-20 CVE-2008-1412: Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME tes
nvd
1 / 2Next →