1. CVE-Search
  2. CVE-2006-0338
ID CVE-2006-0338
Summary Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.
References
Vulnerable Configurations
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_server_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_server_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:firewalls:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:firewalls:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 20-07-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 16309
ciac Q-103
confirm http://www.f-secure.com/security/fsc-2006-1.shtml
osvdb 22633
sectrack
  • 1015507
  • 1015508
  • 1015509
  • 1015510
secunia 18529
vupen ADV-2006-0257
xf fsecure-rar-zip-scan-bypass(24199)
Last major update 20-07-2017 - 01:29
Published 21-01-2006 - 00:03
Last modified 20-07-2017 - 01:29
Back to Top