CVE-2006-3490
First published: Mon Jul 10 2006(Updated: )
F-Secure Anti-Virus 2003 through 2006 and other versions, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier does not scan files contained on removable media when "Scan network drives" is disabled, which allows remote attackers to bypass anti-virus controls.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F-Secure Anti-Virus | <=5.61 | |
| F-Secure Anti-Virus | =2006 | |
| F-Secure Anti-Virus | <=5.52 | |
| F-Secure Internet Security 2010 | =2003 | |
| F-Secure Service Platform for Service Providers | ||
| F-Secure Anti-Virus | =5.5 | |
| F-Secure Anti-Virus | <=6.01 | |
| F-Secure Anti-Virus | =2005 | |
| F-Secure Anti-Virus | =5.51 | |
| F-Secure Anti-Virus | =2004 | |
| F-Secure Internet Security 2010 | =2005 | |
| F-Secure Anti-Virus | <=5.44 | |
| F-Secure Internet Security 2010 | =2006 | |
| F-Secure Internet Security 2010 | =2004 | |
| F-Secure Anti-Virus | =5.52 | |
| F-Secure Anti-Virus | =2003 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.f-secure.com/security/fsc-2006-4.shtml
- http://securitytracker.com/id?1016400
- http://securitytracker.com/id?1016401
- http://www.osvdb.org/26876
- http://www.securityfocus.com/bid/18693
- http://secunia.com/advisories/20858
- http://www.vupen.com/english/advisories/2006/2573
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27502
Frequently Asked Questions
What is the severity of CVE-2006-3490?
CVE-2006-3490 is considered a medium severity vulnerability due to its potential for allowing attackers to bypass anti-virus controls.
How do I fix CVE-2006-3490?
To fix CVE-2006-3490, enable the 'Scan network drives' option in F-Secure Anti-Virus settings.
Which versions of F-Secure are affected by CVE-2006-3490?
CVE-2006-3490 affects F-Secure Anti-Virus 2003 through 2006, Internet Security 2003 through 2006, and Service Platform for Service Providers 6.x and earlier.
What is the impact of CVE-2006-3490?
The impact of CVE-2006-3490 is that it allows remote attackers to bypass malware scanning on removable media if the scan option is disabled.
How can I confirm if my F-Secure software is vulnerable to CVE-2006-3490?
You can confirm vulnerability to CVE-2006-3490 by checking if you are using F-Secure Anti-Virus versions from 2003 to 2006 or the specified Internet Security versions.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/f-secure
- canonical/f-secure anti-virus
- version/f-secure anti-virus/5.61
- version/f-secure anti-virus/2006
- version/f-secure anti-virus/5.52
- canonical/f-secure internet security 2010
- version/f-secure internet security 2010/2003
- canonical/f-secure service platform for service providers
- version/f-secure anti-virus/5.5
- version/f-secure anti-virus/6.01
- version/f-secure anti-virus/2005
- version/f-secure anti-virus/5.51
- version/f-secure anti-virus/2004
- version/f-secure internet security 2010/2005
- version/f-secure anti-virus/5.44
- version/f-secure internet security 2010/2006
- version/f-secure internet security 2010/2004
- version/f-secure anti-virus/2003