1. CVE-Search
  2. CVE-2006-3490
ID CVE-2006-3490
Summary F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.
References
Vulnerable Configurations
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_service_platform_for_service_providers:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 20-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 18693
confirm http://www.f-secure.com/security/fsc-2006-4.shtml
osvdb 26876
sectrack
  • 1016400
  • 1016401
secunia 20858
vupen ADV-2006-2573
xf fsecure-scannetworkdrives-security-bypass(27502)
Last major update 20-07-2017 - 01:32
Published 10-07-2006 - 22:05
Last modified 20-07-2017 - 01:32
Back to Top