F-Secure Anti-Virus Linux Client Security vulnerabilities

CVE-2010-1425 [MEDIUM] CVE-2010-1425: F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and fo F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and e

CVE-2008-6085 [HIGH] CWE-189 CVE-2008-6085: Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.

CVE-2008-1412 [MEDIUM] CWE-20 CVE-2008-1412: Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME tes

CVE-2008-0910 [HIGH] CVE-2008-0910: Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 200 Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted RAR archive. NOTE: this might be related to CVE-2008-0792.

CVE-2008-0792 [MEDIUM] CWE-264 CVE-2008-0792: Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 200 Multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, F-Secure Protection Service, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.

CVE-2007-3300 [CRITICAL] CVE-2007-3300: Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote a Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.

CVE-2007-2967 [CRITICAL] CWE-20 CVE-2007-2967: Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote a Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.

CVE-2007-2965 [HIGH] CVE-2007-2965: Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, includi Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Outpu

CVE-2007-2966 [HIGH] CVE-2007-2966: Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Win Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335.