1. CVE-Search
  2. CVE-2007-3300
ID CVE-2007-3300
Summary Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
References
Vulnerable Configurations
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.56:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.56:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:2.15.484:*:linux:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:2.15.484:*:linux:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:2.16:*:linux:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:2.16:*:linux:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:solutions_based_on_f-secure_personal_express:6.20:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:solutions_based_on_f-secure_personal_express:6.20:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 24525
confirm http://www.f-secure.com/security/fsc-2007-5.shtml
osvdb
  • 36728
  • 36729
sectrack
  • 1018266
  • 1018267
  • 1018268
secunia 25738
vupen ADV-2007-2247
xf fsecure-lzh-rar-security-bypass(34942)
Last major update 29-07-2017 - 01:32
Published 20-06-2007 - 22:30
Last modified 29-07-2017 - 01:32
Back to Top