F-Secure Products Archive Files Scan Evasion (2010-1)

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

An antivirus application installed on the remote host is affected by a
scan evasion vulnerability.

Description :

The remote host has an antivirus product from F-Secure installed.

According to its version, the product fails to accurately scan
specially crafted 7Z, GZIP, CAB, and RAR archive files. It is,
therefore, possible for such files to evade detection from the
scanning engine.

See also :

http://www.nessus.org/u?1f93d2a3

Solution :

Apply the vendor-supplied patches.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 45528 (fsecure_fsc_2010_01.nasl)

Bugtraq ID: 39371

CVE ID: CVE-2010-1425

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now