CVE-2008-6085

Name of the Vulnerable Software and Affected Versions F-Secure Internet Security versions 2006 through 2008 F-Secure Anti-Virus versions 2006 through 2008

Description The issue is related to an integer overflow that occurs when the software is configured to scan inside compressed archives. This allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.

Recommendations For F-Secure Internet Security versions 2006 through 2008, consider disabling the scanning of compressed archives until a fix is available. For F-Secure Anti-Virus versions 2006 through 2008, restrict access to the archive scanning feature to minimize the risk of exploitation.