PT-2007-6236 · Microsoft+1 · Windows Server+1

Published

2007-10-01

Updated

2017-07-29

CVE-2007-5143

CVSS v2.0

1.9

Low

Vector

AV:L/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions F-Secure Anti-Virus for Windows Servers version 7.0 64-bit edition

Description The issue allows local users to bypass virus scanning by storing a crafted archive or packed executable in the system32 directory. This does not cross privilege boundaries in many environments, as any process able to write to system32 could also shut off F-Secure Anti-Virus.

Recommendations For F-Secure Anti-Virus for Windows Servers version 7.0 64-bit edition, consider restricting write access to the system32 directory to prevent exploitation. Additionally, monitor system activity for suspicious archive or executable files in the system32 directory. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-5143

Affected Products

F-Secure Anti-Virus

Windows Server

PT-2007-6236 · Microsoft+1 · Windows Server+1

CVE-2007-5143

Related Identifiers

Affected Products

References · 8