{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-21T00:00:00", "descriptions": [{"lang": "en", "value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "31846", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31846"}, {"name": "1021073", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021073"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.f-secure.com/security/fsc-2008-3.shtml"}, {"name": "32352", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32352"}, {"name": "ADV-2008-2874", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2874"}, {"name": "fsecure-multipleproducts-rpm-bo(46016)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-6085", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "31846", "refsource": "BID", "url": "http://www.securityfocus.com/bid/31846"}, {"name": "1021073", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1021073"}, {"name": "http://www.f-secure.com/security/fsc-2008-3.shtml", "refsource": "CONFIRM", "url": "http://www.f-secure.com/security/fsc-2008-3.shtml"}, {"name": "32352", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32352"}, {"name": "ADV-2008-2874", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2874"}, {"name": "fsecure-multipleproducts-rpm-bo(46016)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:20:25.110Z"}, "title": "CVE Program Container", "references": [{"name": "31846", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31846"}, {"name": "1021073", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021073"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.f-secure.com/security/fsc-2008-3.shtml"}, {"name": "32352", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32352"}, {"name": "ADV-2008-2874", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2874"}, {"name": "fsecure-multipleproducts-rpm-bo(46016)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-6085", "datePublished": "2009-02-06T11:00:00", "dateReserved": "2009-02-05T00:00:00", "dateUpdated": "2024-08-07T11:20:25.110Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.02:*:*:*:*:*:*:*", "matchCriteriaId": "B028C22E-399E-4A90-9673-64E4D510273E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*", "matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*", "matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:second:*:*:*:*:*", "matchCriteriaId": "62204373-31FA-4F28-AA22-D4D6F3B80F9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*", "matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2009:*:*:*:*:*:*:*", "matchCriteriaId": "4B68C319-313F-4CA5-9B37-D9860071E763", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_citrix_servers:*:*:*:*:*:*:*:*", "matchCriteriaId": "7C3858F1-B23F-4E45-BD23-C8262AD37F50", "versionEndIncluding": "7.00", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4D0AD44-C784-4019-B92C-A368092C815C", "versionEndIncluding": "7.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:6.62:*:*:*:*:*:*:*", "matchCriteriaId": "D622E750-A9AB-4EF3-BC2F-D7C3FFE8C961", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.00:*:*:*:*:*:*:*", "matchCriteriaId": "85EEA770-211A-4568-BB9F-9FE76D7BFCB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_mimesweeper:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B6FA161-27C8-40A5-BAF7-4907D67E3C82", "versionEndIncluding": "5.61", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_windows_servers:*:*:*:*:*:*:*:*", "matchCriteriaId": "FDF7866B-1F6D-49C8-8013-2A6974D42D95", "versionEndIncluding": "8.00", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*", "matchCriteriaId": "7D9F9488-8DA8-48A9-9A11-B5E0D7AA9A7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.11:*:*:*:*:*:*:*", "matchCriteriaId": "8C775FD8-A757-41A6-BBC3-29BC9D2D12A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D3E6352-6BF9-4FE6-A572-07A31972A28D", "versionEndIncluding": "5.54", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.30:*:*:*:*:*:*:*", "matchCriteriaId": "9523BF6D-AF64-4CFE-B017-695B6BB175C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*", "matchCriteriaId": "E77AB622-B899-46FD-9DFA-1964B57A9458", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*", "matchCriteriaId": "F8DB2DD7-86DC-440A-B8D9-0A84034E808F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BD6D628-460F-4AF7-971E-401D58E48AF1", "versionEndIncluding": "5.54", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.30:*:*:*:*:*:*:*", "matchCriteriaId": "66AB396E-475C-404F-BEE1-66DE9C3A7555", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.52:*:*:*:*:*:*:*", "matchCriteriaId": "D0E6FC4F-F768-43FF-9627-DF41CD7D799C", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A5AE9AF-11E3-4CC5-BEE7-6ED5CF6FCEA5", "versionEndIncluding": "7.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:7.11:*:*:*:*:*:*:*", "matchCriteriaId": "5A8FC353-E7D7-4097-B206-C0ACB654E0E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_home_server_security:2009:*:*:*:*:*:*:*", "matchCriteriaId": "13A9FDBE-1AAD-435A-BECF-2871864EAFA4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "4664D4A0-EB01-4274-9E1D-8EA5313F935A", "versionEndIncluding": "2.16", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "C73ADB10-61D7-46E9-B293-1C798E297A5F", "versionEndIncluding": "6.61", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:7.02:*:*:*:*:*:*:*", "matchCriteriaId": "89DC5D86-0C4A-4F94-83A2-DB21B868ACCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*", "matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*", "matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:second:*:*:*:*:*", "matchCriteriaId": "94858828-3626-4654-AB6A-597A49C79284", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*", "matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2009:*:*:*:*:*:*:*", "matchCriteriaId": "D77467E5-A143-4720-93EE-29B399417065", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_linux_security:*:*:*:*:*:*:*:*", "matchCriteriaId": "3F6ED823-E3F3-4444-86B5-BBD6D711B5B9", "versionEndIncluding": "7.01", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A5B1FA4-33A1-4EAD-A20F-C9A4AD64939C", "versionEndIncluding": "5.0.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:4.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "25DB325A-39E6-4938-9761-D8DCD5A57C96", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*", "matchCriteriaId": "5A2E6D2C-5520-41DE-AF1D-7E47F9A99CE7", "versionEndIncluding": "3.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:3.00:*:*:*:*:*:*:*", "matchCriteriaId": "6123A21D-BBB4-48D8-9701-7BFB637628C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*", "matchCriteriaId": "C339068C-F74F-4B4B-AD15-09457CC85458", "versionEndIncluding": "8.00", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:5.00:*:*:*:*:*:*:*", "matchCriteriaId": "F11E5127-4DC8-48A4-9AF5-1C148B71C7E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:6.00:*:*:*:*:*:*:*", "matchCriteriaId": "6FB0D1BB-B119-4996-859A-39348AEF36B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:7.00:*:*:*:*:*:*:*", "matchCriteriaId": "721447B1-F577-48AB-A312-34306C485866", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."}, {"lang": "es", "value": "Desbordamiento de entero en m\u00faltiples productos antivirus de F-Secure, incluyendo Internet Security 2006 hasta 2008, Anti-Virus 2006 hasta 2008, y otros, cuando ha sido configurado para escanear ficheros comprimidos internamente, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero comprimido RPM manipulado, lo que provocar\u00e1 un desbordamiento de b\u00fafer."}], "id": "CVE-2008-6085", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-02-06T11:30:00.467", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32352"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.f-secure.com/security/fsc-2008-3.shtml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/31846"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1021073"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2874"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32352"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.f-secure.com/security/fsc-2008-3.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/31846"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1021073"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2874"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}