CVE-2008-6085

Опубликовано: 06 фев. 2009

Источник: nvd

CVSS2: 7.6

EPSS Средний

Описание

Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:f-secure:f-secure_anti-virus:7.02:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:second:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus:2009:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_for_citrix_servers:*:*:*:*:*:*:*:*

Версия до 7.00 (включая)

cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:*:*:*:*:*:*:*:*

Версия до 7.10 (включая)

cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:6.62:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.00:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_for_mimesweeper:*:*:*:*:*:*:*:*

Версия до 5.61 (включая)

cpe:2.3:a:f-secure:f-secure_anti-virus_for_windows_servers:*:*:*:*:*:*:*:*

Версия до 8.00 (включая)

cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.11:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*

Версия до 5.54 (включая)

cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.30:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*

Версия до 5.54 (включая)

cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.30:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.52:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_client_security:*:*:*:*:*:*:*:*

Версия до 7.12 (включая)

cpe:2.3:a:f-secure:f-secure_client_security:7.11:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_home_server_security:2009:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_linux:*:*:*:*:*:*:*:*

Версия до 2.16 (включая)

cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_windows:*:*:*:*:*:*:*:*

Версия до 6.61 (включая)

cpe:2.3:a:f-secure:f-secure_internet_security:7.02:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:second:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_internet_security:2009:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_linux_security:*:*:*:*:*:*:*:*

Версия до 7.01 (включая)

cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:*:*:*:*:*:*:*:*

Версия до 5.0.4 (включая)

cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:4.0.7:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*

Версия до 3.10 (включая)

cpe:2.3:a:f-secure:f-secure_protection_service_for_business:3.00:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*

Версия до 8.00 (включая)

cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:5.00:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:6.00:*:*:*:*:*:*:*

cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:7.00:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.10472

Средний

7.6 High

CVSS2

Дефекты

CWE-189

Связанные уязвимости

GHSA-5f3f-vggf-74fg

github

больше 3 лет назад