Security Advisories
FSC-2011-3: SEH overwrite vulnerability in DLL file
Description
A structure exception handler (SEH) overwrite vulnerability in a DLL file associated with several products could be exploited under specific circumstances and may lead to remote code execution.
Affected Products
Risk Level: HIGH (Low/Medium/High/Critical)
- F-Secure Anti-Virus 2010 and 2011
- F-Secure Internet Security 2010 and 2011
- Solutions based on F-Secure Protection Service for Consumers version 9
- Solutions based on F-Secure Protection Service for Business - Workstation security version 9
Platforms
All platforms supported by the affected products.
Notes
These products are affected by the vulnerability, but the needed hotfix is distributed automatically by the update system. End users do not need to take any actions.
Patch Available
| Product | Versions | Download |
|---|---|---|
| F-Secure Internet Security | 2010 and 2011 | Fix available in the automatic update channel. No user actions needed. |
| F-Secure Anti-Virus | 2010 and 2011 | Fix available in the automatic update channel. No user actions needed. |
| Solutions based on F-Secure Protection Service for Business - Workstation security | 9 | Fix available in the automatic update channel. No user actions needed. |
| Solutions based on F-Secure Protection Service for Consumers version | 9 | Fix available in the automatic update channel. No user actions needed. |
Credit
F-Secure Corporation wants to thank Anil Aphale (aka 41.w4r10r) of Controlcase India Ltd for bringing this issue to our attention.
Date Issued: 2011-08-23
Last Updated: 2011-08-23
F-Secure Community
Give advice. Get advice. Share the knowledge on our free discussion forum.