________________________________________________________________________
From the low-hanging-fruit-department
F-SECURE Generic Malformed Container bypass (GZIP)
________________________________________________________________________
Vendor : F-SECURE
Status : Patched
CVE : CVE-2020-9342
Vulnerability Dislosure Policy: https://caravelahq.com/b/policy/20949
Affected Products
=================
F-Secure Email and Server Security
F-Secure Internet GateKeeper
F-SECURE CLOUD PROTECTION FOR SALESFORCE
Linux below 17.0.605.474
I. Background
----------------------------
trust the technology that can bring us together.
II. Description
----------------------------
III. Impact
----------------------------
or Exfiltration/Pivot Server).
http://blog.zoller.lu/2009/04/case-for-av-bypassesevasions.html
IV. Patch / Advisory
----------------------------
V. Disclosure timeline
----------------------------
- NOV 14 2019
Initiated Vulnerability coordination
- FEB 05 2020
F-Secure notifies me that they have patched the flaw.
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/