{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"F-Secure Anti-Virus for MIMEsweeper versions 5.61 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Anti-Virus for Workstations versions 7.00 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Anti-Virus for Linux Servers versions 4.65 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"solutions bas\u00e9es sur F-Secure Protection Service for Consumers versions 7.00 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Internet Gatekeeper for Linux versions 2.16 et ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Anti-Virus for Citrix Servers version 5.52 ;","product":{"name":"N/A","vendor":{"name":"Citrix","scada":false}}},{"description":"F-Secure Client Security versions 7.00 et ant\u00e9rieures ;","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Internet Gatekeeper versions 6.61 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Anti-Virus for Windows Servers versions 7.00 et ant\u00e9rieures ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"F-Secure Linux Client Security versions 5.52 et ant\u00e9rieures ;","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Anti-Virus for MS Exchange versions 7.00 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Internet Security 2005, 2006 et 2007 ;","product":{"name":"Internet Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Linux Server Security versions 5.52 et ant\u00e9rieures ;","product":{"name":"Server Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Anti-Virus for Linux Gateways versions 4.65 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"ESET","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le traitement des archives LHA\net RAR par les produits F-Secure. Un utilisateur malintentionn\u00e9 peut\nmodifier les en-t\u00eates d'un fichier archive LHA ou RAR de telle sorte que\ncelui-ci \u00e9chappera \u00e0 la d\u00e9tection par les produits F-Secure des codes\nmalveillants.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[],"links":[],"reference":"CERTA-2007-AVI-272","revisions":[{"description":"version initiale.","revision_date":"2007-06-20T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans le traitement des archives LHA et RAR par les\nproduits <span class=\"textit\">F-Secure</span> permet de contourner le\nm\u00e9canisme de d\u00e9tection des codes malveillants.\n","title":"Vuln\u00e9rabilit\u00e9 dans les produits F-Secure","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 F-Secure FSC-2007-5 du 19 juin 2007","url":"http://www.f-secure.com/security/fsc-2007-5.shtml"}]}