F-Secure ZIP/RAR Archive Handling Overflow Multiple RCE
High Nessus Plugin ID 20804
SynopsisAn antivirus application installed on the remote host is affected by multiple remote code execution vulnerabilities
DescriptionThe version of F-Secure Anti-Virus installed on the remote Windows host is affected by multiple flaws in the way it handles ZIP and RAR archives. An attacker can exploit these, via specially crafted files, to bypass scanning or execute arbitrary code with SYSTEM privileges.
SolutionEnable auto-updates if using F-Secure Internet Security 2004-2006, F-Secure Anti-Virus 2004-2006, or F-Secure Personal Express version 6.20 or earlier. Alternatively, apply the appropriate hotfix as referenced in the vendor advisory.