Notified: April 19, 2002 Updated: June 05, 2002
F-Secure products are not vulnerable. We do not have a product implemented as HTTP proxy. FSAV for Firewalls is designed to scan HTTP traffic, and works in conjunction with a CVP-compliant firewall such as Check Point FireWall-1, Cyberguard, etc. Customers using FSAV for Firewalls should check if their firewall software is affected and contact the firewall vendor to get a patch/workaround.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.