J-Security Center

Title: F-Secure Multiple Archive Handling Vulnerabilities

Severity: CRITICAL

Description:

F-Secure is prone to multiple vulnerabilities when handling archives of various formats. These issues affect various F-Secure products including F-Secure Anti-Virus releases, F-Secure Internet Gatekeeper, and F-Secure Internet Security.

The following specific issues were identified:

The application is affected by a remote buffer overflow vulnerability when handling malformed ZIP archives. This issue arises because the application fails to perform boundary checks prior to copying user-supplied data into sensitive process buffers. An attacker can supply a specially-crafted ZIP archive containing excessive data to overflow a finite sized buffer and cause memory corruption. A successful attack can facilitate arbitrary code execution and result in a full compromise.

Specially crafted ZIP and RAR archives can also bypass detection. The cause of this was not specified, however, it is likely that this vulnerability results from a design error. Malicious archives may bypass detection, which may result in arbitrary code execution or a malicious code infection. This issue may result in a partial or full compromise depending on the nature of the attack.

Affected Products:

  • F-Secure Solutions based on F-Secure Personal Express 6.20.0
  • F-Secure Anti-Virus 2004
  • F-Secure Anti-Virus 2005
  • F-Secure Anti-Virus 2006
  • F-Secure Anti-Virus Client Security 5.50.0
  • F-Secure Anti-Virus Client Security 5.52.0
  • F-Secure Anti-Virus Client Security 5.54.0
  • F-Secure Anti-Virus Client Security 5.55.0
  • F-Secure Anti-Virus Client Security 6.0.0 1
  • F-Secure Anti-Virus Linux Client Security 5.0.0
  • F-Secure Anti-Virus Linux Client Security 5.0.0 1
  • F-Secure Anti-Virus Linux Client Security 5.11.0
  • F-Secure Anti-Virus Linux Server Security 5.0.0
  • F-Secure Anti-Virus Linux Server Security 5.0.0 1
  • F-Secure Anti-Virus Linux Server Security 5.11.0
  • F-Secure Anti-Virus for Citrix Servers 5.5.0
  • F-Secure Anti-Virus for Citrix Servers 5.52.0
  • F-Secure Anti-Virus for Firewalls 6.20.0
  • F-Secure Anti-Virus for Linux Gateways 2.16.0
  • F-Secure Anti-Virus for Linux Gateways 4.51.0
  • F-Secure Anti-Virus for Linux Gateways 4.52.0
  • F-Secure Anti-Virus for Linux Gateways 4.61.0
  • F-Secure Anti-Virus for Linux Gateways 4.64.0
  • F-Secure Anti-Virus for Linux Servers 4.51.0
  • F-Secure Anti-Virus for Linux Servers 4.52.0
  • F-Secure Anti-Virus for Linux Servers 4.61.0
  • F-Secure Anti-Virus for Linux Servers 4.64.0
  • F-Secure Anti-Virus for Linux Workstations 4.51.0
  • F-Secure Anti-Virus for Linux Workstations 4.52.0
  • F-Secure Anti-Virus for MIMEsweeper 5.41.0
  • F-Secure Anti-Virus for MIMEsweeper 5.42.0
  • F-Secure Anti-Virus for MIMEsweeper 5.50.0
  • F-Secure Anti-Virus for MIMEsweeper 5.51.0
  • F-Secure Anti-Virus for MIMEsweeper 5.61.0
  • F-Secure Anti-Virus for MS Exchange 6.0.0 1
  • F-Secure Anti-Virus for MS Exchange 6.2.0
  • F-Secure Anti-Virus for MS Exchange 6.21.0
  • F-Secure Anti-Virus for MS Exchange 6.3.0 0
  • F-Secure Anti-Virus for MS Exchange 6.30.0 Service Release 1
  • F-Secure Anti-Virus for MS Exchange 6.31.0
  • F-Secure Anti-Virus for MS Exchange 6.31.0
  • F-Secure Anti-Virus for MS Exchange 6.40.0
  • F-Secure Anti-Virus for Samba Servers 4.62.0
  • F-Secure Anti-Virus for Windows Servers 5.41.0
  • F-Secure Anti-Virus for Windows Servers 5.42.0
  • F-Secure Anti-Virus for Windows Servers 5.50.0
  • F-Secure Anti-Virus for Windows Servers 5.52.0
  • F-Secure Anti-Virus for Workstations 5.40.0
  • F-Secure Anti-Virus for Workstations 5.41.0
  • F-Secure Anti-Virus for Workstations 5.42.0
  • F-Secure Anti-Virus for Workstations 5.43.0
  • F-Secure Anti-Virus for Workstations 5.44.0
  • F-Secure Internet Gatekeeper 6.3.0
  • F-Secure Internet Gatekeeper 6.31.0
  • F-Secure Internet Gatekeeper 6.32.0
  • F-Secure Internet Gatekeeper 6.40.0
  • F-Secure Internet Gatekeeper 6.41.0
  • F-Secure Internet Gatekeeper 6.42.0
  • F-Secure Internet Gatekeeper for Linux 2.0.0 6
  • F-Secure Internet Gatekeeper for Linux 2.14.0
  • F-Secure Internet Gatekeeper for Linux 2.6.0
  • F-Secure Internet Security 2004
  • F-Secure Internet Security 2005
  • F-Secure Internet Security 2006

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.