Vulnerability Details : CVE-2007-3300
Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.
Products affected by CVE-2007-3300
- cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:2.15.484:*:linux:*:*:*:*:*
- cpe:2.3:a:f-secure:internet_gatekeeper:2.16:*:linux:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:client_security:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:ms_exchange:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:windows_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:5.56:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:workstations:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:solutions_based_on_f-secure_personal_express:6.20:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3300
15.78%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 96 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-3300
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2007-3300
-
http://www.securitytracker.com/id?1018267
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/34942
-
http://www.securitytracker.com/id?1018268
-
http://www.f-secure.com/security/fsc-2007-5.shtml
-
http://www.vupen.com/english/advisories/2007/2247
-
http://www.securitytracker.com/id?1018266
-
http://www.securityfocus.com/bid/24525
Jump to