F-Secure Anti-Virus May Fail to Scan Certain Archives in the System32 Directory
|
|
SecurityTracker Alert ID: 1018745
|
|
SecurityTracker URL: http://securitytracker.com/id?1018745
|
|
CVE Reference: CVE-2007-5143
(Links to External Site)
|
Updated: Mar 20 2008
|
Original Entry Date: Sep 27 2007
|
Impact: Modification of user information
|
Fix Available: Yes
Vendor Confirmed: Yes
|
Version(s): for Windows Servers version 7.00
|
Description: A vulnerability was reported in F-Secure Anti-Virus. A user can create an archive that will bypass detection.
A user can create a specially crafted archive or packed executable located in the Windows system32 directory that will not be detected
by the scanning engine.
Only 64-bit server platforms are affected.
Mr. Papadorotheoun reported this vulnerability.
|
Impact: A user can create an archive that will bypass detection.
|
Solution: The vendor has issued the following patch:
ftp://ftp.f-secure.com/support/hotfix/fsav/fsav720-01-signed.fsfix
The F-Secure advisory is available at:
http://www.f-secure.com/security/fsc-2007-6.shtml
|
Vendor URL: www.f-secure.com/security/fsc-2007-6.shtml (Links to External Site)
|
Cause: State error
|
Underlying OS: Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 27 Sep 2007 08:28:39 -0400
Subject: F-Secure Anti-Virus for Windows Servers
|
http://www.f-secure.com/security/fsc-2007-6.shtml
|
|
