{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"F-Secure Anti-Virus for Linux Servers version 4.65 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"solutions bas\u00e9es sur F-Secure Protection Service for Consumers versions 8.00 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Internet Gatekeeper for Linux Japanese versions 2.37 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Internet Gatekeeper for Linux versions 3.02 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Linux Security versions 7.02 et ant\u00e9rieures ;","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Internet Gatekeeper for Windows versions 6.61 et ant\u00e9rieures ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"F-Secure Anti-Virus versions 2009 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Anti-Virus for Workstations versions 8.0 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"F-Secure Anti-Virus for Microsoft Exchange versions 8.00 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"Microsoft","scada":false}}},{"description":"F-Secure Anti-Virus Linux Server Security versions 5.54 et ant\u00e9rieures ;","product":{"name":"Server Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Home Server Security version 2009 ;","product":{"name":"Server Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Anti-Virus for MIMEsweeper versions 5.61 et ant\u00e9rieures.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"solutions bas\u00e9es sur F-Secure Protection Service for Business - E-mail and Server security versions 8.00 et ant\u00e9rieures ;","product":{"name":"Server Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Anti-Virus for Citrix Servers versions 7.00 et ant\u00e9rieures ;","product":{"name":"N/A","vendor":{"name":"Citrix","scada":false}}},{"description":"F-Secure Internet Security versions 2009 et ant\u00e9rieures ;","product":{"name":"Internet Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Anti-Virus for Windows Servers versions 8.00 et ant\u00e9rieures ;","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"F-Secure Client Security versions 8.01 et ant\u00e9rieures ;","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}},{"description":"F-Secure Anti-Virus Linux Client Security versions 5.54 et ant\u00e9rieures ;","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}},{"description":"solutions bas\u00e9es sur F-Secure Protection Service for Business - Workstation security versions 8.00 et ant\u00e9rieures ;","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le traitement des fichiers au\nformat PDF par les produits F-Secure. L'exploitation de cette\nvuln\u00e9rabilit\u00e9 permet de contourner le m\u00e9canisme de d\u00e9tection des codes\nmalveillants.\n\n## Solution\n\nLe probl\u00e8me est corrig\u00e9 via la mise \u00e0 jour automatique des d\u00e9finitions\nde code malveillant. N\u00e9anmoins, pour les syst\u00e8mes sur lesquels cette\nmise \u00e0 jour est d\u00e9sactiv\u00e9, ou pour ceux non connect\u00e9s \u00e0 l'Internet,\ncette op\u00e9ration doit \u00eatre effectu\u00e9e manuellement.\n","cves":[],"links":[],"reference":"CERTA-2009-AVI-465","revisions":[{"description":"version initiale.","revision_date":"2009-10-30T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans les produits <span class=\"textit\">F-Secure</span>\npermet de contourner le m\u00e9canisme de d\u00e9tection des codes malveillants.\n","title":"Vuln\u00e9rabilit\u00e9 dans les produits F-Secure","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 FSC-2009-3 du 29 octobre 2009","url":"http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-3.html"}]}