1. Home
  2. CVE Database
  3. CVE-2006-0338
MEDIUM · 5.0

CVE-2006-0338

Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Ser...

Vulnerability Description

Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allow remote attackers to hide arbitrary files and data via malformed (1) RAR and (2) ZIP archives, which are not properly scanned.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
F-SecureF-Secure Anti-Virus4.51
F-SecureF-Secure Internet Security2004
F-SecureF-Secure Personal Express4.5
F-SecureInternet Gatekeeper2.06

References

FAQ

What is CVE-2006-0338?

CVE-2006-0338 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Ser...

How severe is CVE-2006-0338?

CVE-2006-0338 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-0338?

Check the references section above for vendor advisories and patch information. Affected products include: F-Secure F-Secure Anti-Virus, F-Secure F-Secure Internet Security, F-Secure F-Secure Personal Express, F-Secure Internet Gatekeeper.