Security Advisories
FSC-2015-4: DLL Pre-loading attack in Online Scanner
Description
F-Secure Online Scanner is susceptible to a DLL pre-loading attack if the user is tricked into downloading a specially crafted DLL file.
Affected Products
- Risk Level (Low/Medium/High/Cricital) Low
- F-Secure Online Scanner
Platforms
- Risk Level (Low/Medium/High/Cricital) Low
- All supported platforms for the affected product
More Information
F-Secure Online Scanner is susceptible to a DLL pre-loading attack if a user is tricked into downloading an arbitrary DLL file that resides in the same folder as F-SecureOnlineScanner.exe. The identifier CVE-2015-8264 has been assigned to this issue.
Fix Available
Aenean eget nisl ex. Sed hendrerit ultrices lorem, a finibus neque venenatis consequat. Proin vel leo id felis tempor bibendum. Integer euismod auctor erat, at cursus lectus convallis quis. Maecenas sit amet blandit leo. Donec hendrerit hendrerit tempor.
| Product | Download |
|---|---|
| F-Secure Online Scanner | Download the latest version from the F-Secure Online Scanner product page. |
Credits
F-Secure Corporation would like to thank Stefan Kanthak for bringing this issue to our attention.
Date Issued: 2015-12-17