|
F-Secure Patches Flaws in Products
Finnish security vendor F-Secure has patched multiple vulnerabilities in three product lines: F-Secure's Anti-Virus, Internet Gatekeeper and Internet Security product suites. A buffer overflow vulnerability lying in the processing of LHA archives could have allowed an attacker to execute arbitrary code or create a denial-of-service condition. "An attacker may create a specially crafted LHA archive, which then in its decompression phase exploits the described buffer overflow vulnerability, allowing arbitrary code to be executed or the exploit to create a denial-of-service condition," said officials at the Helsinki, Finland-based company.
An Input/Output Control vulnerability in the Real-time Scanning component of F-Secure workstation and file server products for Windows was also fixed. An attacker with local access to the system could escalate their privileges to the system with a specially crafted I/O request packet due to improper access validation of the address space used by Real-time Scanning, company officials said. Finally, a bug in F-Secure's Policy Manager Server could have been used by attackers to launch a denial-of-service attack. A DoS condition could be triggered by using NTFS-reserved words as URL filenames, company officials warned.  News source: eWeek Read full story... More... |
| All times are GMT +1. The time now is 03:59 AM. |
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.