F-Secure Products at Risk of Compromise or DoS

Multiple F-Secure products contain unspecified issues in their handling of archive files. This could allow specially crafted archive files to be used as an attack vector. The results of a successful attack could cause a Denial of Service or possibly result in the compromise of the affected host. The products at risk are:

F-Secure Internet Security 2008
F-Secure Internet Security 2007
F-Secure Internet Security 2007 Second Edition
F-Secure Internet Security 2006
F-Secure Anti-Virus 2008
F-Secure Anti-Virus 2007
F-Secure Anti-Virus 2007 Second Edition
F-Secure Anti-Virus 2006
F-Secure Client Security 7.11 and earlier
F-Secure Anti-Virus Client Security 6.04 and earlier
F-Secure Anti-Virus for Workstations 7.11 and earlier
F-Secure Anti-Virus Linux Client Security 5.54 and earlier
F-Secure Anti-Virus for Linux 4.65 and earlier
Solutions based on F-Secure Protection Service for Consumers version 7.00 and earlier
Solutions based on F-Secure Protection Service for Business version 3.10 and earlier
F-Secure Mobile Anti-Virus™ for S60 2nd edition
F-Secure Mobile Anti-Virus™ for Windows Mobile 2003/5.0/6
F-Secure Mobile Security™ for Series 80

F-Secure Anti-Virus for Windows Servers 7.01 and earlier
F-Secure Anti-Virus for Citrix Servers 7.00 and earlier
F-Secure Anti-Virus Linux Server Security 5.54 and earlier

F-Secure Anti-Virus for Microsoft Exchange 7.10 and earlier
F-Secure Internet Gatekeeper 6.61, Windows and earlier
F-Secure Internet Gatekeeper for Linux 2.16 and earlier
F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier
F-Secure Messaging Security Gateway 4.0.7 and earlier

Details on patching the products list above can be found at:

http://www.f-secure.com/security/fsc-2008-2.shtml

Leave a Reply