|
Several F-Secure products are affected by the following RPM parsing vulnerability: If attackers send specially-made compressed file archives to users whose antivirus software is set to scan inside compressed archives, an integer overflow occurs. The result is a controlled buffer overflow attack. It allows the attackers to control the computer on the system level.
Part of these issues have been fixed automatically in F-Secure database updates. Part of the issues require patching the affected products. Hotfixes for the products are available in the Downloads section.
For more information, please see F-Secure Security Bulletin FSC-2008-3.
|