F-Secure Multiple Products Scan Evasion Vulnerabilities

Bugtraq ID:	39371
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Apr 12 2010 12:00AM
Updated:	Apr 12 2010 05:42PM
Credit:	ReversingLabs
Vulnerable:	F-Secure Protection Service for Consumers 9.0 F-Secure Protection Service for Consumers 8.00 F-Secure Protection Service for Consumers 7.00 F-Secure Protection Service for Business - Workstation 9.0 F-Secure Protection Service for Business - Workstation 8.00 F-Secure Protection Service for Business - Server 9.0 F-Secure Mac Protection build 8060 F-Secure Linux Security 7.03 F-Secure Linux Security 7.02 F-Secure Linux Security 7.01 F-Secure Internet Security 2007 0 F-secure Internet Security 2006 0 F-Secure Internet Security 2005 F-Secure Internet Security 2004 F-Secure Internet Security 2003 F-Secure Internet Security 2010 F-Secure Internet Security 2009 F-Secure Internet Security 2008 F-Secure Internet Security 2007 Second Edition F-Secure Home Server Security 2009 F-Secure Client Security 9 F-Secure Client Security 8.01 F-Secure Client Security 8.0 F-Secure Client Security 7.12 F-Secure Client Security 7.11 F-Secure Anti-Virus Linux Server Security 5.11 F-Secure Anti-Virus Linux Server Security 5.0 4 F-Secure Anti-Virus Linux Server Security 5.0 1 F-Secure Anti-Virus Linux Server Security 5.0 F-Secure Anti-Virus Linux Server Security 5.54 F-Secure Anti-Virus Linux Server Security 5.52 F-Secure Anti-Virus Linux Server Security 5.30 F-secure Anti-Virus Linux Client Security 5.11 F-secure Anti-Virus Linux Client Security 5.0.4 F-secure Anti-Virus Linux Client Security 5.0 1 F-secure Anti-Virus Linux Client Security 5.0 F-secure Anti-Virus Linux Client Security 5.54 F-secure Anti-Virus Linux Client Security 5.52 F-secure Anti-Virus Linux Client Security 5.30 F-Secure Anti-Virus for Workstations 5.44 F-Secure Anti-Virus for Workstations 5.43 F-Secure Anti-Virus for Workstations 5.42 F-Secure Anti-Virus for Workstations 5.41 F-Secure Anti-Virus for Workstations 5.40 F-Secure Anti-Virus for Workstations 9 F-Secure Anti-Virus for Workstations 8.0 F-Secure Anti-Virus for Workstations 7.11 F-Secure Anti-Virus for Workstations 7.00 F-Secure Anti-Virus for Windows Servers 5.52 F-Secure Anti-Virus for Windows Servers 5.50 F-Secure Anti-Virus for Windows Servers 5.42 F-Secure Anti-Virus for Windows Servers 5.41 F-Secure Anti-Virus for Windows Servers 9 F-Secure Anti-Virus for Windows Servers 8.00 F-Secure Anti-Virus for Windows Servers 7.00 F-Secure Anti-Virus for Linux Servers 4.64 F-Secure Anti-Virus for Linux Servers 4.61 F-Secure Anti-Virus for Linux Servers 4.52 F-Secure Anti-Virus for Linux Servers 4.51 F-Secure Anti-Virus for Linux Servers 4.65 F-Secure Anti-Virus for Citrix Servers 5.52 F-Secure Anti-Virus for Citrix Servers 5.5 F-Secure Anti-Virus for Citrix Servers 9 F-Secure Anti-Virus for Citrix Servers 7.00 F-Secure Anti-Virus 2007 0 F-Secure Anti-Virus 2006 0 F-secure Anti-Virus 2005 F-Secure Anti-Virus 2004 F-Secure Anti-Virus 2003 F-Secure Anti-Virus 2010 F-Secure Anti-Virus 2009 F-Secure Anti-Virus 2008 F-Secure Anti-Virus 2007 Second Edition
Not Vulnerable:

F-Secure Multiple Products Scan Evasion Vulnerabilities

Multiple F-Secure products are prone to vulnerabilities that may allow certain compressed archives to bypass the scan engine.

Successful exploits will allow attackers to distribute files containing malicious code that the scan engine will fail to detect.

F-Secure Multiple Products Scan Evasion Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

F-Secure Multiple Products Scan Evasion Vulnerabilities

Solution:
The vendor released updates to address these issues. Please see the references for more information.

F-Secure Multiple Products Scan Evasion Vulnerabilities

References:

• F-Secure Homepage (F-Secure)
  
• FSC-2010-1 Malformed archive bypass vulnerability (F-Secure)