Security Advisories

FSC-2011-3: SEH OVERWRITE VULNERABILITY IN DLL FILE

Description

A structure exception handler (SEH) overwrite vulnerability in a DLL file associated with several products could be exploited under specific circumstances and may lead to remote code execution.
 

Affected Products


Risk Level: HIGH (Low/Medium/High/Critical)
  • F-Secure Anti-Virus 2010 and 2011
  • F-Secure Internet Security 2010 and 2011
  • Solutions based on F-Secure Protection Service for Consumers version 9
  • Solutions based on F-Secure Protection Service for Business - Workstation security version 9

 

Platforms

All platforms supported by the affected products.

 

Notes

These products are affected by the vulnerability, but the needed hotfix is distributed automatically by the update system. End users do not need to take any actions.

 

Patch Available

Product Versions        Download
F-Secure Internet Security 2010 and 2011 Fix available in the automatic update channel. No user actions needed.
F-Secure Anti-Virus 2010 and 2011 Fix available in the automatic update channel. No user actions needed.
Solutions based on F-Secure Protection Service for Business - Workstation security 9 Fix available in the automatic update channel. No user actions needed.
Solutions based on F-Secure Protection Service for Consumers version 9 Fix available in the automatic update channel. No user actions needed.

Credit

F-Secure Corporation wants to thank Anil Aphale (aka 41.w4r10r) of Controlcase India Ltd for bringing this issue to our attention.

 

 

Date Issued: 2011-08-23
Last Updated: 2011-08-23

Get
Support

For documentation and product support,
visit our support site.

Learn More

F-Secure Community

Give advice. Get advice. Share the knowledge
on our free discussion forum.

Visit Now