F-Secure Anti-Virus May Fail to Detect Malware in PDF Files
|
|
SecurityTracker Alert ID: 1023114 |
|
SecurityTracker URL: http://securitytracker.com/id/1023114
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Oct 29 2009
|
Impact:
Host/resource access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 2009 and prior; various other product versions
|
Description:
A vulnerability was reported in F-Secure Anti-Virus. A remote user can bypass malware detection.
A remote user can create a specially crafted PDF file that includes malware but will bypass the malware detection mechanism.
The vendor was notified on May 15, 2009.
The following product versions are also affected:
F-Secure Anti-Virus for Workstations 8.0 and earlier
F-Secure Anti-Virus for Windows Servers 8.00 and earlier
F-Secure Anti-Virus Linux Client Security 5.54 and earlier
F-Secure Anti-Virus Linux Server Security 5.54 and earlier
F-Secure Anti-Virus for Linux Servers 4.65
F-Secure Anti-Virus for Microsoft Exchange 8.00 and earlier
F-Secure Anti-Virus for Citrix Servers 7.00 and earlier
F-Secure Anti-Virus for MIMEsweeper 5.61 and earlier
The original advisory is available at:
http://www.g-sec.lu/fsecure-pdf-bypass.html
Thierry Zoller from G-SEC reported this vulnerability.
|
Impact:
A remote user can bypass the malware detection mechanism.
|
Solution:
The vendor has issued a fix (on July 12, 2009), available via automatic update.
The vendor's advisory is available at:
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-3.html
|
Vendor URL: www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-3.html (Links to External Site)
|
Cause:
Input validation error, State error
|
Underlying OS:
Linux (Any), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Thu, 29 Oct 2009 12:56:30 -0500
Subject: F-Secure Anti-Virus
|
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-3.html
|
|
