FSC-2007-6: EXE & Packed File Scanning Vulnerabilities
Specially crafted archives and packed executables can bypass antivirus scanning.
Placing a specially crafted archive or packed executable into the system32 folder may allow an attacker to bypass F-Secure's antivirus.
Windows Server 2003 64-bit edition for x64 processors
Risk Level: HIGH(Low/Medium/High/Critical)
F-Secure Anti-Virus for Windows Servers version 7.00
Exploitation of the vulnerabilities requires specially crafted archives or packed executables. Issue only exists on 64-bit server platforms. There are no known exploits.
F-Secure wants to thank Mr Papadorotheoun for pinpointing this issue.
|F-Secure Anti-Virus for Windows Servers||7.00||ftp://ftp.f-secure.com/support/hotfix/fsav/fsav720-01-signed.fsfix|
Date Issued: 2007-09-27
Last Updated: 2007-09-27
2007 Security advisories
- FSC-2007-6: EXE & Packed File Scanning Vulnerabilities (2007-09-27)
- FSC-2007-5: Scan Bypass Vulnerabilities with LHA & RAR Archives (2007-06-19
- FSC-2007-4: Denial of Service Vulnerability in F-Secure Policy Manager Server host module (2007-05-30)
- FSC-2007-3: EXE & Packed File Scanning Vulnerabilities (2007-05-30)
- FSC-2007-2: IOCTL Vulnerability in Real-time Scanning Component (2007-05-30)
- FSC-2007-1: Buffer Overflow Vulnerability in Handling LHA Archives (2007-05-30)