F-Secure Product(s) Integer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with F-Secure Product(s) and is prone to Integer Overflow vulnerability.

Impact

Successful exploitation could allow remote attackers to craft the archive files with arbitrary codes and can cause integer overflow in the context of an affected application. Impact Level: System/Application

Solution

Apply patch http://www.f-secure.com/security/fsc-2008-3.shtml

Insight

The vulnerability is due to an integer overflow error while scanning contents of specially crafted RPM files inside the archives.

Affected

F-Secure AntiVirus 2008 and prior F-Secure AntiVirus Workstation F-Secure Internet Security 2008 and prior F-Secure Client Security F-Secure Internet Gatekeeper for Windows 6.61 and prior

References

http://secunia.com/advisories/32352
http://securitytracker.com/alerts/2008/Oct/1021073.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6085

CVSS	Base Score: 7.6 AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

BarCodeWiz 'BarcodeWiz.dll' ActiveX Control BOF Vulnerability
BSPlayer Stack Overflow Vulnerability SRT
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Windows)
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
ALZip MIM File Processing Buffer Overflow Vulnerability

Take action and discover your vulnerabilities