A vulnerability classified as critical has been found in F-Secure Anti-Virus (Anti-Malware Software) (version unknown). Affected is an unknown function of the component Help/Support Center. The manipulation with an unknown input leads to a privilege escalation vulnerability. CWE is classifying the issue as CWE-264. This is going to have an impact on integrity, and availability. CVE summarizes:

F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that "the inability to catch these files are caused by lacking functionality rather than programming errors."

The weakness was published 08/22/2012 as not defined posting (Bugtraq). The advisory is shared for download at securityfocus.com. This vulnerability is traded as CVE-2010-3499 since 09/24/2010. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $5k-$25k (estimation calculated on 03/15/2019). The MITRE ATT&CK project declares the attack technique as T1068.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Similar entries are available at 61739 and 61738.

Productinfoedit

Type

• Anti-Malware Software

Vendor

• F-Secure

Name

• Anti-Virus

CPE 2.3infoedit

• 🔍

CPE 2.2infoedit

• 🔍

CVSSv3infoedit

CVSSv2infoedit

Exploitinginfoedit

Threat Intelligenceinfoedit

Countermeasuresinfoedit

Timelineinfoedit

Sourcesinfoedit

Entryinfoedit

Comments