5.1

CVE-2006-0642

EPSS 0.84%
Veröffentlicht 10.02.2006 11:02:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Trend Micro ServerProtect 5.58, and possibly InterScan Messaging Security Suite and InterScan Web Security Suite, have a default configuration setting of "Do not scan compressed files when Extracted file count exceeds 500 files," which may be too low in certain circumstances, which allows remote attackers to bypass anti-virus checks by sending compressed archives containing many small files. NOTE: since this is related to a configuration setting that has an operational impact that might vary depending on the environment, and the product is claimed to report a message when the compressed file exceeds specified limits, perhaps this should not be included in CVE.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Trend Micro ≫ Interscan Messaging Security Suite

Trend Micro ≫ Interscan Web Security Suite

Trend Micro ≫ Serverprotect Version5.58 Editionemc

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.84%	0.726

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.1	4.9	6.4	AV:N/AC:H/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://www.packetstormsecurity.org/0602-advisories/Bypass.pdf

Vendor Advisory

http://www.packetstormsecurity.org/filedesc/Bypass.pdf.html

Vendor Advisory

http://www.securityfocus.com/archive/1/423896/100/0/threaded

http://www.securityfocus.com/archive/1/423913/100/0/threaded

http://www.securityfocus.com/archive/1/423914/100/0/threaded

http://www.securityfocus.com/archive/1/424172/100/0/threaded

http://www.securityfocus.com/archive/1/424598/100/0/threaded

http://www.securityfocus.com/bid/16483

https://exchange.xforce.ibmcloud.com/vulnerabilities/24658

https://nvd.nist.gov/vuln/detail/CVE-2006-0642

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-0642

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-0642

EUVD