Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| F-secure_anti-virus | F-secure | 4.51 (including) | 4.51 (including) |
| F-secure_anti-virus | F-secure | 4.52 (including) | 4.52 (including) |
| F-secure_anti-virus | F-secure | 4.60 (including) | 4.60 (including) |
| F-secure_anti-virus | F-secure | 4.61 (including) | 4.61 (including) |
| F-secure_anti-virus | F-secure | 5.0 (including) | 5.0 (including) |
| F-secure_anti-virus | F-secure | 5.5 (including) | 5.5 (including) |
| F-secure_anti-virus | F-secure | 5.41 (including) | 5.41 (including) |
| F-secure_anti-virus | F-secure | 5.42 (including) | 5.42 (including) |
| F-secure_anti-virus | F-secure | 5.43 (including) | 5.43 (including) |
| F-secure_anti-virus | F-secure | 5.52 (including) | 5.52 (including) |
| F-secure_anti-virus | F-secure | 5.55 (including) | 5.55 (including) |
| F-secure_anti-virus | F-secure | 6.01 (including) | 6.01 (including) |
| F-secure_anti-virus | F-secure | 6.2 (including) | 6.2 (including) |
| F-secure_anti-virus | F-secure | 6.21 (including) | 6.21 (including) |
| F-secure_anti-virus | F-secure | 6.30 (including) | 6.30 (including) |
| F-secure_anti-virus | F-secure | 6.30_sr1 (including) | 6.30_sr1 (including) |
| F-secure_anti-virus | F-secure | 6.31 (including) | 6.31 (including) |
| F-secure_anti-virus | F-secure | 2004 (including) | 2004 (including) |
| F-secure_anti-virus | F-secure | 2005 (including) | 2005 (including) |
| F-secure_for_firewalls | F-secure | 6.20 (including) | 6.20 (including) |
| F-secure_internet_security | F-secure | 2004 (including) | 2004 (including) |
| F-secure_internet_security | F-secure | 2005 (including) | 2005 (including) |
| F-secure_personal_express | F-secure | 4.5 (including) | 4.5 (including) |
| F-secure_personal_express | F-secure | 4.6 (including) | 4.6 (including) |
| F-secure_personal_express | F-secure | 4.7 (including) | 4.7 (including) |
| F-secure_personal_express | F-secure | 5.0 (including) | 5.0 (including) |
| Internet_gatekeeper | F-secure | 2.6 (including) | 2.6 (including) |
| Internet_gatekeeper | F-secure | 6.3 (including) | 6.3 (including) |
| Internet_gatekeeper | F-secure | 6.4 (including) | 6.4 (including) |
| Internet_gatekeeper | F-secure | 6.31 (including) | 6.31 (including) |
| Internet_gatekeeper | F-secure | 6.32 (including) | 6.32 (including) |
| Internet_gatekeeper | F-secure | 6.41 (including) | 6.41 (including) |
References
- http://secunia.com/advisories/13263/
- http://www.ciac.org/ciac/bulletins/p-041.shtml
- http://www.f-secure.com/security/fsc-2004-3.shtml
- http://www.kb.cert.org/vuls/id/968818
- http://www.securityfocus.com/bid/11732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18217
- http://secunia.com/advisories/13263/
- http://www.ciac.org/ciac/bulletins/p-041.shtml
- http://www.f-secure.com/security/fsc-2004-3.shtml
- http://www.kb.cert.org/vuls/id/968818
- http://www.securityfocus.com/bid/11732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18217