Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:55
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/32352 - Vendor Advisory | |
References | () http://www.f-secure.com/security/fsc-2008-3.shtml - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/31846 - | |
References | () http://www.securitytracker.com/id?1021073 - | |
References | () http://www.vupen.com/english/advisories/2008/2874 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/46016 - |
Information
Published : 2009-02-06 11:30
Updated : 2024-11-21 00:55
NVD link : CVE-2008-6085
Mitre link : CVE-2008-6085
CVE.ORG link : CVE-2008-6085
JSON object : View
Products Affected
f-secure
- f-secure_anti-virus
- f-secure_home_server_security
- f-secure_linux_security
- f-secure_anti-virus_for_windows_servers
- f-secure_internet_gatekeeper_for_linux
- f-secure_anti-virus_for_microsoft_exchange
- f-secure_anti-virus_linux_server_security
- f-secure_internet_security
- f-secure_anti-virus_linux_client_security
- f-secure_anti-virus_for_mimesweeper
- f-secure_messaging_security_gateway
- f-secure_anti-virus_for_citrix_servers
- f-secure_internet_gatekeeper_for_windows
- f-secure_protection_service_for_business
- f-secure_anti-virus_for_workstations
- f-secure_protection_service_for_consumers
- f-secure_client_security
CWE
CWE-189
Numeric Errors