Faty420

**Name of the Vulnerable Software and Affected Versions** WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure Elements Endpoint Protection for Mac versions 17 and later WithSecure Linux Security 64 version 12.0 WithSecure Linux Protection version 12.0 WithSecure Atlant version 1.0.35-1 **Description** The issue allows a Denial of Service because scanning a crafted file takes a long time and causes the scanner to hang. **Recommendations** For WithSecure Client Security version 15, update to a version that includes a fix for this issue. For WithSecure Server Security version 15, update to a version that includes a fix for this issue. For WithSecure Email and Server Security version 15, update to a version that includes a fix for this issue. For WithSecure Elements Endpoint Protection versions 17 and later, update to a version that includes a fix for this issue. For WithSecure Client Security for Mac version 15, update to a version that includes a fix for this issue. For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a version that includes a fix for this issue. For WithSecure Linux Security 64 version 12.0, update to a version that includes a fix for this issue. For WithSecure Linux Protection version 12.0, update to a version that includes a fix for this issue. For WithSecure Atlant version 1.0.35-1, update to a version that includes a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure Elements Endpoint Protection for Mac versions 17 and later WithSecure Linux Security 64 version 12.0 WithSecure Linux Protection version 12.0 WithSecure Atlant version 1.0.35-1 **Description** The issue is related to a Denial of Service that can occur due to an unpack handler crash, leading to a scanning engine crash. **Recommendations** For WithSecure Client Security version 15, update to a version that includes a fix for the unpack handler crash. For WithSecure Server Security version 15, update to a version that includes a fix for the unpack handler crash. For WithSecure Email and Server Security version 15, update to a version that includes a fix for the unpack handler crash. For WithSecure Elements Endpoint Protection versions 17 and later, update to a version that includes a fix for the unpack handler crash. For WithSecure Client Security for Mac version 15, update to a version that includes a fix for the unpack handler crash. For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a version that includes a fix for the unpack handler crash. For WithSecure Linux Security 64 version 12.0, update to a version that includes a fix for the unpack handler crash. For WithSecure Linux Protection version 12.0, update to a version that includes a fix for the unpack handler crash. For WithSecure Atlant version 1.0.35-1, update to a version that includes a fix for the unpack handler crash.

**Name of the Vulnerable Software and Affected Versions** WithSecure Client Security version 15 WithSecure Server Security version 15 WithSecure Email and Server Security version 15 WithSecure Elements Endpoint Protection versions 17 and later WithSecure Client Security for Mac version 15 WithSecure Elements Endpoint Protection for Mac versions 17 and later WithSecure Linux Security 64 version 12.0 WithSecure Linux Protection version 12.0 WithSecure Atlant versions 15 and later **Description** The issue is a buffer over-read that may cause a denial of service (DoS) when processing certain fuzz file types. **Recommendations** For WithSecure Client Security version 15, update to a fixed version when available. For WithSecure Server Security version 15, update to a fixed version when available. For WithSecure Email and Server Security version 15, update to a fixed version when available. For WithSecure Elements Endpoint Protection versions 17 and later, update to a fixed version when available. For WithSecure Client Security for Mac version 15, update to a fixed version when available. For WithSecure Elements Endpoint Protection for Mac versions 17 and later, update to a fixed version when available. For WithSecure Linux Security 64 version 12.0, update to a fixed version when available. For WithSecure Linux Protection version 12.0, update to a fixed version when available. For WithSecure Atlant versions 15 and later, update to a fixed version when available.

**Name of the Vulnerable Software and Affected Versions** F-Secure Endpoint Protection for Windows and macOS versions before channel with Capricorn database 2022-11-22 07 **Description** The issue is related to the incorrect handling of the path to the `aerdl.dll` library, which can cause the unpacker handler to crash. This crash can lead to a scanning engine crash. The issue can be triggered remotely by an attacker, resulting in a denial of service. **Recommendations** For F-Secure Endpoint Protection for Windows and macOS versions before channel with Capricorn database 2022-11-22 07, update to a version with a Capricorn database of 2022-11-22 07 or later to resolve the issue. As a temporary workaround, consider restricting access to the `aerdl.dll` library to minimize the risk of exploitation.