Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/36724 - | |
References | () http://secunia.com/advisories/25426 - Patch, Vendor Advisory | |
References | () http://securitytracker.com/id?1018147 - | |
References | () http://www.f-secure.com/security/fsc-2007-1.shtml - Patch, Vendor Advisory | |
References | () http://www.nruns.com/security_advisory_fsecure_lzh.php - | |
References | () http://www.securityfocus.com/archive/1/470256/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/24235 - | |
References | () http://www.securitytracker.com/id?1018146 - | |
References | () http://www.securitytracker.com/id?1018148 - | |
References | () http://www.vupen.com/english/advisories/2007/1985 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/34575 - |
Information
Published : 2007-05-31 23:30
Updated : 2024-11-21 00:32
NVD link : CVE-2007-2966
Mitre link : CVE-2007-2966
CVE.ORG link : CVE-2007-2966
JSON object : View
Products Affected
f-secure
- f-secure_anti-virus
- internet_gatekeeper
- f-secure_anti-virus_linux_server_security
- f-secure_internet_security
- f-secure_anti-virus_linux_client_security
- f-secure_protection_service
- f-secure_anti-virus_client_security
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer