vulnerability announce CVE-2006-6293 CVE-2006-6294 CVE-2006-6352

F-Prot: vulnerabilities of ACE and CHM under Unix

Synthesis of the vulnerability

An attacker can generate a denial of service and an overflow of F-Prot under Unix.

Severity: 1/4. Creation date: 04/12/2006. Revision date: 05/12/2006.

Description of the vulnerability

An attacker can use two vulnerabilities of F-Prot under Unix. A malicious ACE file generates an infinite loop. [severity:1/4; BID-21420, CVE-2006-6352, >] A malicious CHM file generates a memory corruption. [severity:1/4; CVE-2006-6293, >]

Complete Vigil@nce bulletin

Access to the complete Vigil@nce bulletin

Characteristics

Title: F-Prot: vulnerabilities of ACE and CHM under Unix. Keywords: ACE CHM F-Prot Unix under vulnerabilities. Identifiers: BID-21420, CVE-2006-6293, CVE-2006-6294, CVE-2006-6352, VIGILANCE-VUL-6362.

Information sources

Publications and announces Source example: New versions of F-Prot Antivirus for all UNIX platforms

Solutions for this vulnerability

Patch or workaround

Supplements

Vulnerability : ACE A malicious ACE file generates an infinite loop. Severity: 1/4. Identifiers: BID-21420, CVE-2006-6352.

Vulnerability : CHM A malicious CHM file generates a memory corruption. Severity: 1/4. Identifiers: CVE-2006-6293.

Attack Exploit 0day or proof of concept

Attack Exploit 0day or proof of concept

Computer vulnerabilities tracking service

The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Technology watch team on vulnerabilities