CVE-2007-2965

Published: May 31, 2007Modified: Apr 23, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability in the Real-time Scanning component in multiple F-Secure products, including Internet Security 2005, 2006 and 2007; Anti-Virus 2005, 2006 and 2007; and Solutions based on F-Secure Protection Service for Consumers 6.40 and earlier allows local users to gain privileges via a crafted I/O request packet (IRP), related to IOCTL (Input/Output Control) and "access validation of the address space."

Affected (19)

Products: F Secure: F Secure Anti Virus, F Secure Anti Virus Client Security, F Secure Anti Virus Linux Client Security, F Secure Anti Virus Linux Server Security, F Secure Internet Security, F Secure Protection Service, Internet Gatekeeper

F Secure

7 products

F Secure Anti Virus

F Secure Anti Virus Client Security

F Secure Anti Virus Linux Client Security

F Secure Anti Virus Linux Server Security

F Secure Internet Security

F Secure Protection Service

Internet Gatekeeper

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
F Secure F Secure Anti Virus	Up to 5.52
F Secure F Secure Anti Virus	Up to 4.65
F Secure F Secure Anti Virus	Up to 4.65
F Secure F Secure Anti Virus	Up to 5.61
F Secure F Secure Anti Virus	Up to 6.40
F Secure F Secure Anti Virus	Up to 5.42
F Secure F Secure Anti Virus	Up to 5.44
F Secure F Secure Anti Virus	Version 2005
F Secure F Secure Anti Virus	Version 2006
F Secure F Secure Anti Virus	Version 2007
F Secure F Secure Anti Virus Client Security	Up to 6.03
F Secure F Secure Anti Virus Linux Client Security	Up to 5.30
F Secure F Secure Anti Virus Linux Server Security	Up to 5.30
F Secure F Secure Internet Security	Version 2005
F Secure F Secure Internet Security	Version 2006
F Secure F Secure Internet Security	Version 2007
F Secure F Secure Protection Service	Up to 6.40
F Secure Internet Gatekeeper	Up to 6.60
F Secure Internet Gatekeeper	Up to 2.16