Vulnerability Name:

CCN-54048

Published:2009-10-29
Updated:2009-10-29
Summary:Multiple F-Secure products could allow a remote attacker to bypass security restrictions, caused by improper handling of PDF files. A remote attacker could exploit this vulnerability using a specially-crafted PDF document to bypass anti-virus scanning functionality and possibly launch further attacks against the system.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Consequences:Bypass Security
References:Source: CCN
Type: SA37192
F-Secure Products PDF Handling Security Bypass

Source: CCN
Type: FSC-2009-3
Malware inside specially crafted PDF files remain undetected

Source: CCN
Type: OSVDB ID: 59589
F-Secure Multiple Products Crafted PDF File Scanning Bypass

Source: CCN
Type: BID-36876
F-Secure Products PDF Files Scan Evasion Vulnerability

Source: XF
Type: UNKNOWN
fsecure-pdf-security-bypass(54048)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/a:f-secure:linux_security:7.01:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:8.0:-:workstations:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:2.16:-:linux:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_security:2009:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:2009:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:5.54:-:inux_client_security:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:5.54:-:linux_server_security:*:*:*:*:*
  • OR cpe:/a:f-secure:client_security:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:linux_security:7.02:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:home_server_security:2009:*:*:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:8.00:-:windows_server:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:7.00:-:citrix_servers:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:4.65:-:linux_servers:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:5.61:-:mime_sweeper:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:2.15.484::linux:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:2.14::linux:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:2.6::linux:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:6.62:-:microsoft_exchange:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:7.0:-:microsoft_exchange:*:*:*:*:*
  • OR cpe:/a:f-secure:anti-virus:7.10:-:microsoft_exchange:*:*:*:*:*
  • OR cpe:/a:f-secure:internet_gatekeeper:6.61:-:windows:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    f-secure linux security 7.01
    f-secure anti-virus 8.0 -
    f-secure internet gatekeeper 2.16 -
    f-secure internet security 2009
    f-secure anti-virus 2009
    f-secure anti-virus 5.54 -
    f-secure anti-virus 5.54 -
    f-secure client security 8.0
    f-secure linux security 7.02
    f-secure home server security 2009
    f-secure anti-virus 8.00 -
    f-secure anti-virus 7.00 -
    f-secure anti-virus 4.65 -
    f-secure anti-virus 5.61 -
    f-secure internet gatekeeper 2.15.484
    f-secure internet gatekeeper 2.14
    f-secure internet gatekeeper 2.6
    f-secure anti-virus 6.62 -
    f-secure anti-virus 7.0 -
    f-secure anti-virus 7.10 -
    f-secure internet gatekeeper 6.61 -