ID

VAR-200601-0368


CVE

CVE-2006-0337


TITLE

Buffer overflow vulnerability in multiple F-Secure Anti-Virus products

Trust: 0.8

sources: JVNDB: JVNDB-2006-003841

DESCRIPTION

Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.

Multiple F-Secure Anti-Virus products contain a buffer overflow vulnerability. Arbitrary code could be executed by a third party.

F-Secure is prone to multiple vulnerabilities when handling archives of various formats. The application is affected by a remote buffer overflow vulnerability when handling malformed ZIP archives. A successful attack can facilitate arbitrary code execution and result in a full compromise. Specially crafted ZIP and RAR archives can also bypass detection. This may result in arbitrary code execution or a malicious code infection.

TITLE: F-Secure Anti-Virus Archive Handling Vulnerabilities

SECUNIA ADVISORY ID: SA18529

VERIFY ADVISORY: http://secunia.com/advisories/18529/

CRITICAL: Highly critical

IMPACT: Security Bypass, System access

WHERE: From remote

SOFTWARE:
F-Secure Personal Express 6.x http://secunia.com/product/6885/
F-Secure Internet Security 2006 http://secunia.com/product/6883/
F-Secure Internet Security 2005 http://secunia.com/product/4300/
F-Secure Internet Security 2004 http://secunia.com/product/3499/
F-Secure Internet Gatekeeper for Linux 2.x http://secunia.com/product/4635/
F-Secure Internet Gatekeeper 6.x http://secunia.com/product/3339/
F-Secure Anti-Virus for Workstations 5.x http://secunia.com/product/457/
F-Secure Anti-Virus for Windows Servers 5.x http://secunia.com/product/452/
F-Secure Anti-Virus for Samba Servers 4.x http://secunia.com/product/3501/
F-Secure Anti-Virus for MIMEsweeper 5.x http://secunia.com/product/455/
F-Secure Anti-Virus for Microsoft Exchange 6.x http://secunia.com/product/454/
F-Secure Anti-Virus for Linux 4.x http://secunia.com/product/3165/
F-Secure Anti-Virus for Firewalls 6.x http://secunia.com/product/451/
F-Secure Anti-Virus for Citrix Servers 5.x http://secunia.com/product/5198/
F-Secure Anti-Virus Client Security 6.x http://secunia.com/product/5786/
F-Secure Anti-Virus Client Security 5.x http://secunia.com/product/2718/
F-Secure Anti-Virus 5.x http://secunia.com/product/3334/
F-Secure Anti-Virus 2006 http://secunia.com/product/6882/
F-Secure Anti-Virus 2005 http://secunia.com/product/4299/
F-Secure Anti-Virus 2004 http://secunia.com/product/3500/

DESCRIPTION: Some vulnerabilities have been reported in various F-Secure products, which can be exploited by malware to bypass detection or malicious people to compromise a vulnerable system.

2) An error in the scanning functionality when processing RAR and ZIP archives can be exploited to prevent malware from being detected.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller.

ORIGINAL ADVISORY: http://www.f-secure.com/security/fsc-2006-1.shtml

Trust: 2.07

sources: NVD: CVE-2006-0337 // JVNDB: JVNDB-2006-003841 // BID: 16309 // VULHUB: VHN-16445 // PACKETSTORM: 43189

AFFECTED PRODUCTS

vendor:f securemodel:solutions based on f-secure personal expressscope:eqversion:6.20

Trust: 2.7

vendor:f securemodel:internet gatekeeperscope:eqversion:6.41

Trust: 1.9

vendor:f securemodel:internet gatekeeperscope:eqversion:6.32

Trust: 1.9

vendor:f securemodel:internet gatekeeperscope:eqversion:6.31

Trust: 1.9

vendor:f securemodel:internet gatekeeperscope:eqversion:6.42

Trust: 1.9

vendor:f securemodel:internet gatekeeperscope:eqversion:6.3

Trust: 1.9

vendor:f securemodel:f-secure internet securityscope:eqversion:2004

Trust: 1.8

vendor:f securemodel:internet gatekeeperscope:eqversion:2.6

Trust: 1.6

vendor:f securemodel:internet gatekeeperscope:eqversion:6.4

Trust: 1.6

vendor:f securemodel:f-secure anti-virusscope:eqversion:2.16

Trust: 1.6

vendor:f securemodel:internet gatekeeperscope:eqversion:2.14

Trust: 1.6

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.30

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.40

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.42

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.0

Trust: 1.0

vendor:f securemodel:f-secure internet securityscope:eqversion:2006

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.52

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:4.62

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.54

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.44

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.41

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:4.51

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.30_sr1

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:2006

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:2004

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:4.52

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:4.64

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.43

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.01

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.2

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.31

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:4.61

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.55

Trust: 1.0

vendor:f securemodel:f-secure internet securityscope:eqversion:2005

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.01

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:2005

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.11

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.40

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.61

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.51

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.21

Trust: 1.0

vendor:f securemodel:internet gatekeeperscope:eqversion:2.06

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.5

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:lteversion:for linux servers 4.64

Trust: 0.8

vendor:f securemodel:f-secure anti-virusscope:lteversion:for windows servers 5.52

Trust: 0.8

vendor:f securemodel:f-secure internet gatekeeperscope:lteversion:6.42

Trust: 0.8

vendor:f securemodel:f-secure internet securityscope:eqversion:2005 and 2006

Trust: 0.8

vendor:f securemodel:internet gatekeeper for linuxscope:eqversion:2.6

Trust: 0.3

vendor:f securemodel:anti-virus client securityscope:eqversion:5.52

Trust: 0.3

vendor:f securemodel:anti-virus for ms exchangescope:eqversion:6.2

Trust: 0.3

vendor:f securemodel:anti-virus for windows serversscope:eqversion:5.52

Trust: 0.3

vendor:f securemodel:anti-virus for linux gatewaysscope:eqversion:4.64

Trust: 0.3

vendor:f securemodel:anti-virus for workstationsscope:eqversion:5.43

Trust: 0.3

vendor:f securemodel:anti-virus for linux serversscope:eqversion:4.64

Trust: 0.3

vendor:f securemodel:anti-virusscope:eqversion:2005

Trust: 0.3

vendor:f securemodel:internet securityscope:eqversion:20060

Trust: 0.3

vendor:f securemodel:anti-virus for ms exchangescope:eqversion:6.21

Trust: 0.3

vendor:f securemodel:anti-virus for windows serversscope:eqversion:5.41

Trust: 0.3

vendor:f securemodel:anti-virus for linux gatewaysscope:eqversion:2.16

Trust: 0.3

vendor:f securemodel:anti-virus for linux gatewaysscope:eqversion:4.61

Trust: 0.3

vendor:f securemodel:anti-virus linux client securityscope:eqversion:5.11

Trust: 0.3

vendor:f securemodel:anti-virus for windows serversscope:eqversion:5.42

Trust: 0.3

vendor:f securemodel:anti-virusscope:eqversion:2004

Trust: 0.3

vendor:f securemodel:anti-virus for windows serversscope:eqversion:5.50

Trust: 0.3

vendor:f securemodel:anti-virus for linux serversscope:eqversion:4.61

Trust: 0.3

vendor:f securemodel:anti-virus for mimesweeperscope:eqversion:5.61

Trust: 0.3

vendor:f securemodel:anti-virus for ms exchangescope:eqversion:6.31

Trust: 0.3

vendor:f securemodel:anti-virus for citrix serversscope:eqversion:5.5

Trust: 0.3

vendor:f securemodel:anti-virus for citrix serversscope:eqversion:5.52

Trust: 0.3

vendor:f securemodel:anti-virus for ms exchangescope:eqversion:6.40

Trust: 0.3

vendor:f securemodel:anti-virus for ms exchangescope:eqversion:6.01

Trust: 0.3

vendor:f securemodel:anti-virus linux client securityscope:eqversion:5.01

Trust: 0.3

vendor:f securemodel:internet gatekeeper for linuxscope:eqversion:2.06

Trust: 0.3

vendor:f securemodel:internet gatekeeperscope:eqversion:6.400

Trust: 0.3

vendor:f securemodel:anti-virus linux server securityscope:eqversion:5.11

Trust: 0.3

vendor:f securemodel:anti-virus for linux gatewaysscope:eqversion:4.52

Trust: 0.3

vendor:f securemodel:anti-virus for linux serversscope:eqversion:4.52

Trust: 0.3

vendor:f securemodel:anti-virus client securityscope:eqversion:5.55

Trust: 0.3

vendor:f securemodel:internet gatekeeper for linuxscope:eqversion:2.14

Trust: 0.3

vendor:f securemodel:anti-virus for ms exchangescope:eqversion:6.30

Trust: 0.3

vendor:f securemodel:anti-virus client securityscope:eqversion:5.50

Trust: 0.3

vendor:f securemodel:anti-virus linux client securityscope:eqversion:5.0

Trust: 0.3

vendor:f securemodel:anti-virus for ms exchange service releasescope:eqversion:6.301

Trust: 0.3

vendor:f securemodel:internet securityscope:eqversion:2005

Trust: 0.3

vendor:f securemodel:anti-virus for workstationsscope:eqversion:5.44

Trust: 0.3

vendor:f securemodel:internet securityscope:eqversion:2004

Trust: 0.3

vendor:f securemodel:anti-virus for mimesweeperscope:eqversion:5.50

Trust: 0.3

vendor:f securemodel:anti-virus for linux gatewaysscope:eqversion:4.51

Trust: 0.3

vendor:f securemodel:anti-virus for firewallsscope:eqversion:6.20

Trust: 0.3

vendor:f securemodel:anti-virusscope:eqversion:20060

Trust: 0.3

vendor:f securemodel:anti-virus for linux workstationsscope:eqversion:4.52

Trust: 0.3

vendor:f securemodel:anti-virus for workstationsscope:eqversion:5.40

Trust: 0.3

vendor:f securemodel:anti-virus linux server securityscope:eqversion:5.01

Trust: 0.3

vendor:f securemodel:anti-virus for linux serversscope:eqversion:4.51

Trust: 0.3

vendor:f securemodel:anti-virus client securityscope:eqversion:5.54

Trust: 0.3

vendor:f securemodel:anti-virus for linux workstationsscope:eqversion:4.51

Trust: 0.3

vendor:f securemodel:anti-virus client securityscope:eqversion:6.01

Trust: 0.3

vendor:f securemodel:anti-virus for workstationsscope:eqversion:5.41

Trust: 0.3

vendor:f securemodel:anti-virus for mimesweeperscope:eqversion:5.41

Trust: 0.3

vendor:f securemodel:anti-virus linux server securityscope:eqversion:5.0

Trust: 0.3

vendor:f securemodel:anti-virus for workstationsscope:eqversion:5.42

Trust: 0.3

vendor:f securemodel:anti-virus for samba serversscope:eqversion:4.62

Trust: 0.3

vendor:f securemodel:anti-virus for mimesweeperscope:eqversion:5.42

Trust: 0.3

vendor:f securemodel:anti-virus for mimesweeperscope:eqversion:5.51

Trust: 0.3

sources: BID: 16309 // JVNDB: JVNDB-2006-003841 // CNNVD: CNNVD-200601-266 // NVD: CVE-2006-0337

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-0337
value: HIGH

Trust: 1.0

NVD: CVE-2006-0337
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200601-266
value: HIGH

Trust: 0.6

VULHUB: VHN-16445
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-0337
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-16445
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-16445 // JVNDB: JVNDB-2006-003841 // CNNVD: CNNVD-200601-266 // NVD: CVE-2006-0337

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-0337

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200601-266

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200601-266

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-003841

PATCH

title:fsc-2006-1.shtmlurl:http://www.f-secure.com/security/fsc-2006-1.shtml

Trust: 0.8

title:18529url:http://secunia.com/advisories/18529

Trust: 0.8

sources: JVNDB: JVNDB-2006-003841

EXTERNAL IDS

db:NVDid:CVE-2006-0337

Trust: 2.5

db:BIDid:16309

Trust: 2.0

db:SECUNIAid:18529

Trust: 1.8

db:OSVDBid:22632

Trust: 1.7

db:VUPENid:ADV-2006-0257

Trust: 1.7

db:SECTRACKid:1015507

Trust: 1.7

db:SECTRACKid:1015508

Trust: 1.7

db:SECTRACKid:1015509

Trust: 1.7

db:SECTRACKid:1015510

Trust: 1.7

db:JVNDBid:JVNDB-2006-003841

Trust: 0.8

db:CIACid:Q-103

Trust: 0.6

db:XFid:24198

Trust: 0.6

db:CNNVDid:CNNVD-200601-266

Trust: 0.6

db:VULHUBid:VHN-16445

Trust: 0.1

db:PACKETSTORMid:43189

Trust: 0.1

sources: VULHUB: VHN-16445 // BID: 16309 // JVNDB: JVNDB-2006-003841 // PACKETSTORM: 43189 // CNNVD: CNNVD-200601-266 // NVD: CVE-2006-0337

REFERENCES

url:http://www.f-secure.com/security/fsc-2006-1.shtml

Trust: 2.1

url:http://www.securityfocus.com/bid/16309

Trust: 1.7

url:http://www.ciac.org/ciac/bulletins/q-103.shtml

Trust: 1.7

url:http://www.osvdb.org/22632

Trust: 1.7

url:http://securitytracker.com/id?1015507

Trust: 1.7

url:http://securitytracker.com/id?1015508

Trust: 1.7

url:http://securitytracker.com/id?1015509

Trust: 1.7

url:http://securitytracker.com/id?1015510

Trust: 1.7

url:http://secunia.com/advisories/18529

Trust: 1.7

url:http://www.vupen.com/english/advisories/2006/0257

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/24198

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0337

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-0337

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2006/0257

Trust: 0.6

url:http://xforce.iss.net/xforce/xfdb/24198

Trust: 0.6

url:http://www.f-secure.com/

Trust: 0.3

url:http://secunia.com/product/457/

Trust: 0.1

url:http://secunia.com/product/454/

Trust: 0.1

url:http://secunia.com/product/3334/

Trust: 0.1

url:http://secunia.com/product/2718/

Trust: 0.1

url:http://secunia.com/product/455/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/4299/

Trust: 0.1

url:http://secunia.com/advisories/18529/

Trust: 0.1

url:http://secunia.com/product/452/

Trust: 0.1

url:http://secunia.com/product/6883/

Trust: 0.1

url:http://secunia.com/product/4300/

Trust: 0.1

url:http://secunia.com/product/5786/

Trust: 0.1

url:http://secunia.com/product/3339/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/product/6885/

Trust: 0.1

url:http://secunia.com/product/5198/

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/3500/

Trust: 0.1

url:http://secunia.com/product/6882/

Trust: 0.1

url:http://secunia.com/product/3501/

Trust: 0.1

url:http://secunia.com/product/4635/

Trust: 0.1

url:http://secunia.com/product/3165/

Trust: 0.1

url:http://secunia.com/product/3499/

Trust: 0.1

url:http://secunia.com/product/451/

Trust: 0.1

sources: VULHUB: VHN-16445 // BID: 16309 // JVNDB: JVNDB-2006-003841 // PACKETSTORM: 43189 // CNNVD: CNNVD-200601-266 // NVD: CVE-2006-0337

CREDITS

Thierry Zoller is credited with the discovery of these issues.

Trust: 0.9

sources: BID: 16309 // CNNVD: CNNVD-200601-266

SOURCES

db:VULHUBid:VHN-16445
db:BIDid:16309
db:JVNDBid:JVNDB-2006-003841
db:PACKETSTORMid:43189
db:CNNVDid:CNNVD-200601-266
db:NVDid:CVE-2006-0337

LAST UPDATE DATE

2024-08-14T13:39:54.578000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-16445date:2017-07-20T00:00:00
db:BIDid:16309date:2006-02-07T20:54:00
db:JVNDBid:JVNDB-2006-003841date:2014-03-11T00:00:00
db:CNNVDid:CNNVD-200601-266date:2006-01-30T00:00:00
db:NVDid:CVE-2006-0337date:2017-07-20T01:29:40.237

SOURCES RELEASE DATE

db:VULHUBid:VHN-16445date:2006-01-21T00:00:00
db:BIDid:16309date:2006-01-19T00:00:00
db:JVNDBid:JVNDB-2006-003841date:2014-03-11T00:00:00
db:PACKETSTORMid:43189date:2006-01-19T17:33:40
db:CNNVDid:CNNVD-200601-266date:2006-01-20T00:00:00
db:NVDid:CVE-2006-0337date:2006-01-21T00:03:00