Critical vulnerability in the security vendor's antivirus software could allow hackers to launch denial-of-service attacks against users

F-Secure has issued a 'critical' alert for a vulnerability in its own antivirus software.

According to an F-Secure security bulletin, several of its products have a buffer-overflow vulnerability in processing LHA archives. LHA is a compression utility. The vulnerability could allow an attacker to execute arbitrary code or to create a denial-of-service condition.

Various versions of F-Secure's software for both Windows and Linux are affected. The security vendor has suggested a range of fixes in the bulletin.

Copyright © 1995-2008 CNET Networks, Inc. All rights reserved
ZDNET is a registered service mark of CNET Networks, Inc. ZDNET Logo is a service mark of CNET Networks, Inc.