F-Secure Product(s) Integer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with F-Secure Product(s) and is prone to Integer Overflow vulnerability.

Impact

Successful exploitation could allow remote attackers to craft the archive files with arbitrary codes and can cause integer overflow in the context of an affected application. Impact Level: System/Application

Solution

Apply patch http://www.f-secure.com/security/fsc-2008-3.shtml

Insight

The vulnerability is due to an integer overflow error while scanning contents of specially crafted RPM files inside the archives.

Affected

F-Secure AntiVirus 2008 and prior F-Secure AntiVirus Workstation F-Secure Internet Security 2008 and prior F-Secure Client Security F-Secure Internet Gatekeeper for Windows 6.61 and prior

References

http://secunia.com/advisories/32352
http://securitytracker.com/alerts/2008/Oct/1021073.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6085
CVSS Base Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Apple iTunes 'itms:' URI Stack Buffer Overflow Vulnerability
Adobe Air Buffer Overflow Vulnerability (Mac OS X)
Dell Webcam 'crazytalk4.ocx' ActiveX Multiple BOF Vulnerabilities
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
CA eTrust PestPatrol Anti-Spyware 'ppctl.dll' ActiveX Control BOF Vulnerability

Take action and discover your vulnerabilities