Antti Levomäki

Name of the Vulnerable Software and Affected Versions: WithSecure Atlant (formerly F-Secure Atlant) version 1.0.35-1 Description: The issue allows a remote Denial of Service because of memory corruption during scanning of a PE32 file. Recommendations: For version 1.0.35-1, consider disabling the scanning of PE32 files until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure Elements Endpoint Protection for Mac versions 17 and later WithSecure Linux Security 64 version 12.0 WithSecure Linux Protection version 12.0 WithSecure Atlant versions 15 and later **Description** The issue allows a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. **Recommendations** For WithSecure Client Security version 15, update to a fixed version when available. For WithSecure Server Security version 15, update to a fixed version when available. For WithSecure Email and Server Security version 15, update to a fixed version when available. For WithSecure Elements Endpoint Protection versions 17 and later, update to a fixed version when available. For WithSecure Client Security for Mac version 15, update to a fixed version when available. For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a fixed version when available. For WithSecure Linux Security 64 version 12.0, update to a fixed version when available. For WithSecure Linux Protection version 12.0, update to a fixed version when available. For WithSecure Atlant versions 15 and later, update to a fixed version when available.

**Name of the Vulnerable Software and Affected Versions** F-Secure Atlant (affected versions not specified) **Description** A Denial-of-Service (DoS) issue was discovered in the fsicapd component used in certain F-Secure products. When scanning larger packages or fuzzed files, the component consumes too much memory, which can eventually crash the scanning engine. This issue can be triggered remotely by an attacker. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 95.0.4638.54 **Description** The issue is related to a heap buffer overflow in the PDFium PDF content handler. It can be exploited by a remote attacker using a specially crafted HTML page, potentially leading to heap corruption. **Recommendations** For versions prior to 95.0.4638.54, update to version 95.0.4638.54 or later to resolve the issue. As a temporary workaround, consider restricting access to PDF content in Google Chrome until the update is applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to the ISAKMP parser in tcpdump, which could enter an infinite loop due to bugs in print-isakmp.c, affecting several functions. Additionally, it could allow a remote attacker to obtain sensitive information by exploiting a buffer overread memory in the HNCP component. This can be achieved by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the telnet parser, specifically in the `telnet parse()` function within `print-telnet.c`. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the telnet parser until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a bug in the RESP parser, specifically in the `resp get length()` function within `print-resp.c`, which could cause an infinite loop. Additionally, there is a buffer overread memory issue in the HNCP component that could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the BGP parser component of tcpdump, specifically in the `bgp attr print()` function within `print-bgp.c`. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the BGP parser component until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the BGP parser, specifically within the `bgp attr print()` function in `print-bgp.c`. This problem affects the tcpdump tool. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the BGP parser until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to the DNS parser in tcpdump, which could enter an infinite loop due to a bug in the `ns print()` function. This is caused by a flaw in the `print-domain.c` file. Additionally, there is a buffer overread memory issue in the HNCP component that could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue concerns a buffer over-read in the PIMv2 parser, specifically within the `pimv2 print()` function located in print-pim.c. This problem affects the tcpdump analyzer. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the PIMv2 parser until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a bug in the LLDP parser, which could cause an infinite loop due to a problem in the `lldp private 8021 print()` function. This could potentially allow a remote attacker to obtain sensitive information by sending a specially crafted request, exploiting a buffer overread memory issue in the HNCP component. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the LLDP parser or the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the IS-IS parser, specifically in the `isis print extd ip reach()` function within `print-isoclns.c`. This problem can lead to potential security issues. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `isis print extd ip reach()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the IS-IS parser, specifically in the `isis print()` function within `print-isoclns.c`. This problem can lead to potential security issues due to the over-read of buffer data. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `isis print()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the IEEE 802.15.4 parser, specifically in the print-802 15 4.c:ieee802 15 4 if print() function. This problem affects the tcpdump protocol analyzer. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the IEEE 802.15.4 parser until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the LMP parser, specifically in the `lmp print()` function within the print-lmp.c file. This problem can lead to potential data exposure or crashes. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the LMP parser until the update can be applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the Juniper protocols parser, specifically in the `juniper parse header()` function within `print-juniper.c`. This affects the tcpdump protocol analyzer. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `juniper parse header()` function until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the SMB/CIFS parser of tcpdump, which could allow a remote attacker to obtain sensitive information. This can be achieved by sending a specially crafted request to exploit the buffer overread memory in the HNCP component. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the SMB/CIFS parser until a patch is available.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to several protocol parsers that could cause a buffer over-read in the `lookup bytestring()` function. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request, exploiting the buffer overread memory in the HNCP component. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the HNCP component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** tcpdump versions prior to 4.9.2 **Description** The issue is related to a buffer over-read in the ICMP parser of tcpdump, specifically in the `icmp print()` function. This could allow a remote attacker to obtain sensitive information by sending a specially crafted request. **Recommendations** For versions prior to 4.9.2, update to version 4.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the ICMP parser until a patch is available.