F-Secure for Citrix Servers Critical Vulnerability
Tuesday, 15 February 2005 by Michel Roth
F-Secure Anti-Virus for Citrix Servers is one of the most well known virus scanners for Citrx /Terminal Servers.

ISS X-Force has reported a vulnerability in multiple F-Secure products, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the antivirus scanning functionality when processing ARJ archives. This can be exploited to cause a buffer overflow via a specially crafted ARJ archive. Successful exploitation allows execution of arbitrary code, but requires that the malicious ARJ archive is scanned with archive scanning enabled.

The vulnerability applies to a whole range of F-Secure Anti-Virus products among which is F-Secure Anti-Virus for Citrix Servers version 5.50.

Read more here.

Related Items:

Trend Micro Products AntiVirus Library Buffer Overflow (27 February 2005)
Firefox IDN URL Domain Name Buffer Overflow (13 September 2005)
0-Day Microsoft Excel Unspecified Code Execution Vulnerability (19 June 2006)
VMware NAT Networking Buffer Overflow Vulnerability (21 December 2005)
Citrix Metaframe XP Unspecified Buffer Overflow Vulnerability (23 December 2004)
Citrix ICA Client ActiveX Control Heap Overflow Vulnerability (6 December 2006)
0-Day Microsoft Word 2000 Unspecified Code Execution Vulnerability (5 September 2006)
Microsoft Windows "itss.dll" Heap Corruption Unpatched Vulnerability (10 May 2006)
Internet Explorer "object" Tag Memory Corruption Code Execution (26 April 2006)
Windows Flaw May Let Hackers Hide Code From AV Scanners (29 August 2005)
Comments (0)
Show/Hide comment form