Vulnerability Description
F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F-Secure | F-Secure Anti-Virus | 4.65 |
References
- http://www.quantenblog.net/security/virus-scanner-bypass
- http://www.securityfocus.com/archive/1/453654/100/0/threaded
- http://www.securityfocus.com/bid/21461
- http://www.quantenblog.net/security/virus-scanner-bypass
- http://www.securityfocus.com/archive/1/453654/100/0/threaded
- http://www.securityfocus.com/bid/21461
FAQ
What is CVE-2006-6409?
CVE-2006-6409 is a vulnerability with a CVSS score of 10.0 (HIGH). F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into ...
How severe is CVE-2006-6409?
CVE-2006-6409 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-6409?
Check the references section above for vendor advisories and patch information. Affected products include: F-Secure F-Secure Anti-Virus.