Details of VAR-200705-0116

ID

VAR-200705-0116

CVE

CVE-2007-2966

TITLE

plural F-Secure Product Real-time Scanning Component buffer overflow vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2007-002112

DESCRIPTION

Buffer overflow in the LHA decompression component in F-Secure anti-virus products for Microsoft Windows and Linux before 20070529 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted LHA archive, related to an integer wrap, a similar issue to CVE-2006-4335. Multiple F-Secure Anti-Virus applications are prone to a buffer-overflow vulnerability when they process certain LHA archive files. This issue occurs because the applications fail to properly check boundaries on user-supplied data before copying it to an insufficiently sized memory buffer. Successful exploits can allow attackers to execute arbitrary code with the privileges of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions. Reports indicate that this vulnerability also occurs when processing malformed LZH archives, ARJ files, and FSG packed files. F-Secure Anti-Virus is a set of anti-virus software from Finland F-Secure Company. The software integrates multiple virus monitoring engines, can scan the operating system for real-time viruses, and provides powerful background management functions. If users use F-Secure antivirus solutions to scan malicious LHA files, buffer overflows may be triggered, resulting in denial of service or execution of arbitrary commands

Trust: 1.98

sources: NVD: CVE-2007-2966 // JVNDB: JVNDB-2007-002112 // BID: 24235 // VULHUB: VHN-26328

AFFECTED PRODUCTS

vendor:	f secure	model:	f-secure internet security	scope:	eq	version:	2007	Trust: 1.6
vendor:	f secure	model:	f-secure internet security	scope:	eq	version:	2005	Trust: 1.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	2005	Trust: 1.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	2006	Trust: 1.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	2007	Trust: 1.6
vendor:	f secure	model:	f-secure internet security	scope:	eq	version:	2006	Trust: 1.6
vendor:	f secure	model:	f-secure anti-virus	scope:	lte	version:	5.42	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus	scope:	lte	version:	5.61	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus	scope:	lte	version:	4.65	Trust: 1.0
vendor:	f secure	model:	internet gatekeeper	scope:	lte	version:	6.60	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus	scope:	lte	version:	5.44	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus	scope:	lte	version:	6.40	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus linux client security	scope:	lte	version:	5.30	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus client security	scope:	lte	version:	6.03	Trust: 1.0
vendor:	f secure	model:	internet gatekeeper	scope:	lte	version:	2.16	Trust: 1.0
vendor:	f secure	model:	f-secure protection service	scope:	lte	version:	6.40	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus linux server security	scope:	lte	version:	5.30	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus	scope:	lte	version:	5.52	Trust: 1.0
vendor:	f secure	model:	f-secure anti-virus	scope:	lt	version:	microsoft windows version and linux edition 20070529	Trust: 0.8
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	4.65	Trust: 0.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	5.42	Trust: 0.6
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	5.44	Trust: 0.6
vendor:	f secure	model:	anti-virus client security	scope:	eq	version:	5.52	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.2	Trust: 0.3
vendor:	f secure	model:	anti-virus for windows servers	scope:	eq	version:	5.52	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux gateways	scope:	eq	version:	4.64	Trust: 0.3
vendor:	f secure	model:	anti-virus for workstations	scope:	eq	version:	5.43	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.60	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux servers	scope:	eq	version:	4.64	Trust: 0.3
vendor:	f secure	model:	anti-virus client security	scope:	eq	version:	6.03	Trust: 0.3
vendor:	f secure	model:	anti-virus	scope:	eq	version:	2005	Trust: 0.3
vendor:	f secure	model:	internet security	scope:	eq	version:	20060	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.21	Trust: 0.3
vendor:	f secure	model:	anti-virus linux server security	scope:	eq	version:	5.30	Trust: 0.3
vendor:	f secure	model:	anti-virus for windows servers	scope:	eq	version:	5.41	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux gateways	scope:	eq	version:	2.16	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux gateways	scope:	eq	version:	4.61	Trust: 0.3
vendor:	f secure	model:	anti-virus linux client security	scope:	eq	version:	5.11	Trust: 0.3
vendor:	f secure	model:	anti-virus for windows servers	scope:	eq	version:	5.42	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.41	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux servers	scope:	eq	version:	4.61	Trust: 0.3
vendor:	f secure	model:	anti-virus for mimesweeper	scope:	eq	version:	5.61	Trust: 0.3
vendor:	f secure	model:	anti-virus linux server security	scope:	eq	version:	5.04	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.31	Trust: 0.3
vendor:	f secure	model:	anti-virus linux client security	scope:	eq	version:	5.0.4	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.50	Trust: 0.3
vendor:	f secure	model:	anti-virus for citrix servers	scope:	eq	version:	5.5	Trust: 0.3
vendor:	f secure	model:	anti-virus for citrix servers	scope:	eq	version:	5.52	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.40	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.32	Trust: 0.3
vendor:	f secure	model:	anti-virus	scope:	eq	version:	20070	Trust: 0.3
vendor:	f secure	model:	anti-virus client security	scope:	eq	version:	6.02	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.01	Trust: 0.3
vendor:	f secure	model:	anti-virus linux client security	scope:	eq	version:	5.01	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.400	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper for linux	scope:	eq	version:	2.16	Trust: 0.3
vendor:	f secure	model:	anti-virus linux server security	scope:	eq	version:	5.11	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux gateways	scope:	eq	version:	4.52	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux servers	scope:	eq	version:	4.52	Trust: 0.3
vendor:	f secure	model:	anti-virus client security	scope:	eq	version:	5.55	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange	scope:	eq	version:	6.30	Trust: 0.3
vendor:	f secure	model:	anti-virus client security	scope:	eq	version:	5.50	Trust: 0.3
vendor:	f secure	model:	anti-virus linux client security	scope:	eq	version:	5.0	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.31	Trust: 0.3
vendor:	f secure	model:	anti-virus for ms exchange service release	scope:	eq	version:	6.301	Trust: 0.3
vendor:	f secure	model:	internet security	scope:	eq	version:	2005	Trust: 0.3
vendor:	f secure	model:	anti-virus for workstations	scope:	eq	version:	5.44	Trust: 0.3
vendor:	f secure	model:	anti-virus for mimesweeper	scope:	eq	version:	5.50	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux gateways	scope:	eq	version:	4.51	Trust: 0.3
vendor:	f secure	model:	anti-virus	scope:	eq	version:	20060	Trust: 0.3
vendor:	f secure	model:	anti-virus for workstations	scope:	eq	version:	5.40	Trust: 0.3
vendor:	f secure	model:	anti-virus linux server security	scope:	eq	version:	5.01	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux servers	scope:	eq	version:	4.51	Trust: 0.3
vendor:	f secure	model:	anti-virus client security	scope:	eq	version:	5.54	Trust: 0.3
vendor:	f secure	model:	anti-virus client security	scope:	eq	version:	6.01	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux gateways	scope:	eq	version:	4.65	Trust: 0.3
vendor:	f secure	model:	anti-virus for workstations	scope:	eq	version:	5.41	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.42	Trust: 0.3
vendor:	f secure	model:	internet gatekeeper	scope:	eq	version:	6.3	Trust: 0.3
vendor:	f secure	model:	anti-virus linux client security	scope:	eq	version:	5.30	Trust: 0.3
vendor:	f secure	model:	anti-virus linux server security	scope:	eq	version:	5.0	Trust: 0.3
vendor:	f secure	model:	anti-virus for workstations	scope:	eq	version:	5.42	Trust: 0.3
vendor:	f secure	model:	anti-virus for mimesweeper	scope:	eq	version:	5.41	Trust: 0.3
vendor:	f secure	model:	anti-virus for linux servers	scope:	eq	version:	4.65	Trust: 0.3
vendor:	f secure	model:	anti-virus for mimesweeper	scope:	eq	version:	5.42	Trust: 0.3
vendor:	f secure	model:	anti-virus for windows servers	scope:	eq	version:	5.50	Trust: 0.3
vendor:	f secure	model:	internet security	scope:	eq	version:	20070	Trust: 0.3
vendor:	f secure	model:	anti-virus for mimesweeper	scope:	eq	version:	5.51	Trust: 0.3

sources: BID: 24235 // JVNDB: JVNDB-2007-002112 // CNNVD: CNNVD-200705-559 // NVD: CVE-2007-2966

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2007-2966
value:	HIGH
Trust: 1.0
NVD:	CVE-2007-2966
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200705-559
value:	HIGH
Trust: 0.6
VULHUB:	VHN-26328
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2007-2966
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-26328
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-26328 // JVNDB: JVNDB-2007-002112 // CNNVD: CNNVD-200705-559 // NVD: CVE-2007-2966

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-26328 // JVNDB: JVNDB-2007-002112 // NVD: CVE-2007-2966

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200705-559

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200705-559

CONFIGURATIONS

sources: JVNDB: JVNDB-2007-002112

PATCH

title:

Security advisories

url:

http://www.f-secure.com/en/web/labs_global/security-advisories

Trust: 0.8

sources: JVNDB: JVNDB-2007-002112

EXTERNAL IDS

db:	NVD	id:	CVE-2007-2966	Trust: 2.8
db:	BID	id:	24235	Trust: 2.0
db:	SECTRACK	id:	1018148	Trust: 1.7
db:	SECTRACK	id:	1018147	Trust: 1.7
db:	SECTRACK	id:	1018146	Trust: 1.7
db:	VUPEN	id:	ADV-2007-1985	Trust: 1.7
db:	SECUNIA	id:	25426	Trust: 1.7
db:	OSVDB	id:	36724	Trust: 1.1
db:	JVNDB	id:	JVNDB-2007-002112	Trust: 0.8
db:	CNNVD	id:	CNNVD-200705-559	Trust: 0.7
db:	BUGTRAQ	id:	20070601 N.RUNS-SA-2007.013 - F-SECURE ANTIVIRUS LZH PARSING BUFFEROVERFLOW ADVISORY	Trust: 0.6
db:	XF	id:	34575	Trust: 0.6
db:	VULHUB	id:	VHN-26328	Trust: 0.1

sources: VULHUB: VHN-26328 // BID: 24235 // JVNDB: JVNDB-2007-002112 // CNNVD: CNNVD-200705-559 // NVD: CVE-2007-2966

REFERENCES

url:	http://www.f-secure.com/security/fsc-2007-1.shtml	Trust: 2.0
url:	http://www.securityfocus.com/bid/24235	Trust: 1.7
url:	http://www.nruns.com/security_advisory_fsecure_lzh.php	Trust: 1.7
url:	http://www.securitytracker.com/id?1018146	Trust: 1.7
url:	http://securitytracker.com/id?1018147	Trust: 1.7
url:	http://www.securitytracker.com/id?1018148	Trust: 1.7
url:	http://secunia.com/advisories/25426	Trust: 1.7
url:	http://www.securityfocus.com/archive/1/470256/100/0/threaded	Trust: 1.1
url:	http://osvdb.org/36724	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2007/1985	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/34575	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2966	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2966	Trust: 0.8
url:	http://www.frsirt.com/english/advisories/2007/1985	Trust: 0.6
url:	http://xforce.iss.net/xforce/xfdb/34575	Trust: 0.6
url:	http://www.securityfocus.com/archive/1/archive/1/470256/100/0/threaded	Trust: 0.6
url:	http://www.f-secure.com/cs/	Trust: 0.3
url:	http://www.f-secure.com/products/anti-virus/linux/	Trust: 0.3
url:	http://www.f-secure.com/	Trust: 0.3
url:	http://www.nruns.com/security_advisory_fsecure_fsg.php	Trust: 0.3
url:	/archive/1/470462	Trust: 0.3
url:	/archive/1/470484	Trust: 0.3
url:	msg://bugtraq/!&!aaaaaaaaaaayaaaaaaaaaeqlc0seqczmjfisy1tj+rpcgaaaeaaaakh2elboqhzajukkxqegieabaaaaaa==@nruns.com	Trust: 0.3

sources: VULHUB: VHN-26328 // BID: 24235 // JVNDB: JVNDB-2007-002112 // CNNVD: CNNVD-200705-559 // NVD: CVE-2007-2966

CREDITS

Tavis Ormandy※ taviso@gentoo.org

Trust: 0.6

sources: CNNVD: CNNVD-200705-559

SOURCES

db:	VULHUB	id:	VHN-26328
db:	BID	id:	24235
db:	JVNDB	id:	JVNDB-2007-002112
db:	CNNVD	id:	CNNVD-200705-559
db:	NVD	id:	CVE-2007-2966

LAST UPDATE DATE

2024-11-23T22:43:23.440000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-26328	date:	2018-10-16T00:00:00
db:	BID	id:	24235	date:	2008-11-04T02:45:00
db:	JVNDB	id:	JVNDB-2007-002112	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200705-559	date:	2007-06-01T00:00:00
db:	NVD	id:	CVE-2007-2966	date:	2024-11-21T00:32:04.880

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-26328	date:	2007-05-31T00:00:00
db:	BID	id:	24235	date:	2007-05-30T00:00:00
db:	JVNDB	id:	JVNDB-2007-002112	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200705-559	date:	2007-05-31T00:00:00
db:	NVD	id:	CVE-2007-2966	date:	2007-05-31T23:30:00