F-Secure产品RPM文件解析整数溢出漏洞

BUGTRAQ ID: 31846 F-Secure Internet Gatekeeper和F-Secure Anti-Virus都是芬兰的一家杀毒软件厂商所发布的杀毒产品。 F-Secure产品在解析RPM文件时存在整数溢出漏洞。如果将杀毒软件配置为扫描压缩文档内部的话，打开恶意RPM文件就会触发这个溢出，导致执行任意指令。 F-Secure Anti-Virus Linux Server Security 5.54 F-Secure Anti-Virus Linux Client Security 5.54 F-Secure Anti-Virus for Workstations 7.11 F-Secure Anti-Virus for Windows Servers 8.00 F-Secure Anti-Virus for MIMEsweeper 5.61 F-Secure Anti-Virus for Microsoft Exchange 7.10 F-Secure Anti-Virus for Linux Servers 4.65 F-Secure Anti-Virus for Linux Gateways 4.65 F-Secure Anti-Virus for Citrix Servers 7.00 F-Secure Anti-Virus 2008 F-Secure Anti-Virus 2007 F-Secure Anti-Virus 2006 F-Secure Internet Gatekeeper for Windows 6.61 F-Secure Internet Gatekeeper for Linux 2.16 F-Secure Internet Security 2008 F-Secure Internet Security 2007 F-Secure Internet Security 2006 F-Secure -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： <a href=http://www.f-secure.com/security/fsc-2008-3.shtml target=_blank>http://www.f-secure.com/security/fsc-2008-3.shtml</a>