CVE-2010-1425

Name of the Vulnerable Software and Affected Versions F-Secure Internet Security versions 2010 and earlier Anti-Virus for Microsoft Exchange versions 9 and earlier Anti-Virus for MIMEsweeper versions 5.61 and earlier Internet Gatekeeper for Windows versions 6.61 and earlier Internet Gatekeeper for Linux versions 4.02 and earlier Anti-Virus versions 2010 and earlier Home Server Security version 2009 Protection Service for Consumers versions 9 and earlier Protection Service for Business - Workstation security versions 9 and earlier Protection Service for Business - Server Security versions 8 and earlier Protection Service for E-mail and Server security versions 9 and earlier Mac Protection build 8060 and earlier Client Security versions 9 and earlier

Description The issue is related to improper detection of malware in crafted archives, including 7Z, GZIP, CAB, or RAR archives. This makes it easier for remote attackers to avoid detection.

Recommendations For F-Secure Internet Security versions 2010 and earlier, update to a newer version to resolve the issue. For Anti-Virus for Microsoft Exchange versions 9 and earlier, update to a newer version to resolve the issue. For Anti-Virus for MIMEsweeper versions 5.61 and earlier, update to a newer version to resolve the issue. For Internet Gatekeeper for Windows versions 6.61 and earlier, update to a newer version to resolve the issue. For Internet Gatekeeper for Linux versions 4.02 and earlier, update to a newer version to resolve the issue. For Anti-Virus versions 2010 and earlier, update to a newer version to resolve the issue. For Home Server Security version 2009, update to a newer version to resolve the issue. For Protection Service for Consumers versions 9 and earlier, update to a newer version to resolve the issue. For Protection Service for Business - Workstation security versions 9 and earlier, update to a newer version to resolve the issue. For Protection Service for Business - Server Security versions 8 and earlier, update to a newer version to resolve the issue. For Protection Service for E-mail and Server security versions 9 and earlier, update to a newer version to resolve the issue. For Mac Protection build 8060 and earlier, update to a newer version to resolve the issue. For Client Security versions 9 and earlier, update to a newer version to resolve the issue. As a temporary workaround, consider restricting the handling of crafted 7Z, GZIP, CAB, or RAR archives until a patch is available.