In association with heise online

18 July 2008, 09:55

DoS vulnerability in F-Prot eliminated

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The security services provider n.runs says that in late April this year Frisk, the Icelandic vendor of F-Prot antivirus software, eliminated a vulnerability in its scan engine for Windows that could have allowed attackers to make the scanner crash. Frisk had previously been advised of the problem by n.runs, but apparently there were problems with further communications, leaving n.runs uncertain of the outcome. Normally, n.runs doesn't publish its reports until a vulnerability has been eliminated.

This it has now done. The cause of the vulnerability is a faulty memory access that occurs when crafted CHM files are parsed. All versions of the scan engine before 4.4.4 are affected.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit