CVE-2008-6085 Information

Description

Integer overflow in multiple F-Secure anti-virus products including Internet Security 2006 through 2008 Anti-Virus 2006 through 2008 and others when configured to scan inside compressed archives allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file which triggers a buffer overflow.

Reference

http://secunia.com/advisories/32352 http://www.f-secure.com/security/fsc-2008-3.shtml http://www.securityfocus.com/bid/31846 http://www.securitytracker.com/id?1021073 http://www.vupen.com/english/advisories/2008/2874 https://exchange.xforce.ibmcloud.com/vulnerabilities/46016