CVE-2006-0337

Buffer overflow in multiple F-Secure Anti-Virus products and versions for Windows and Linux, including Anti-Virus for Windows Servers 5.52 and earlier, Internet Security 2004, 2005 and 2006, and Anti-Virus for Linux Servers 4.64 and earlier, allows remote attackers to execute arbitrary code via crafted ZIP archives.

Published: 2006-01-21 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2006-0337 is rated Moderate Risk (61.7/100): CVSS High severity, with high exploitation likelihood (EPSS 5.82%, 92th percentile). EPSS ranks this CVE among the most likely to be exploited in the near term. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2006-0337

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 6.41% 5.82% -0.59%
2 2025-03-30 4.63% 6.41% +1.78%
3 2025-03-29 4.63%

Full EPSS history (9 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-0337

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 2.0 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 6.4 [email protected]

Weakness enumeration for CVE-2006-0337

Affected software / configurations for CVE-2006-0337

Vendor Product Version Raw CPE
f-secure f-secure_anti-virus 2.16 cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*
f-secure f-secure_anti-virus 4.51 cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
f-secure f-secure_anti-virus 4.51 cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
f-secure f-secure_anti-virus 4.51 cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*
f-secure f-secure_anti-virus 4.52 cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
f-secure f-secure_anti-virus 4.52 cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
f-secure f-secure_anti-virus 4.52 cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*
f-secure f-secure_anti-virus 4.61 cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
f-secure f-secure_anti-virus 4.61 cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
f-secure f-secure_anti-virus 4.62 cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:*
f-secure f-secure_anti-virus 4.64 cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*
f-secure f-secure_anti-virus 4.64 cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*
f-secure f-secure_anti-virus 5.0 cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.0 cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.01 cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_client_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.01 cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_server_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.5 cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*
f-secure f-secure_anti-virus 5.5 cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.5 cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*
f-secure f-secure_anti-virus 5.5 cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*
f-secure f-secure_anti-virus 5.11 cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_client_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.11 cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_server_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.40 cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*
f-secure f-secure_anti-virus 5.41 cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*
f-secure f-secure_anti-virus 5.41 cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
f-secure f-secure_anti-virus 5.41 cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
f-secure f-secure_anti-virus 5.42 cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*
f-secure f-secure_anti-virus 5.42 cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
f-secure f-secure_anti-virus 5.42 cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
f-secure f-secure_anti-virus 5.43 cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
f-secure f-secure_anti-virus 5.44 cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*
f-secure f-secure_anti-virus 5.51 cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:mimesweeper:*:*:*:*:*
f-secure f-secure_anti-virus 5.52 cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*
f-secure f-secure_anti-virus 5.52 cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.52 cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:windows_servers:*:*:*:*:*
f-secure f-secure_anti-virus 5.54 cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.55 cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
f-secure f-secure_anti-virus 5.61 cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*
f-secure f-secure_anti-virus 6.01 cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*
f-secure f-secure_anti-virus 6.01 cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
f-secure f-secure_anti-virus 6.2 cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:firewalls:*:*:*:*:*
f-secure f-secure_anti-virus 6.2 cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
f-secure f-secure_anti-virus 6.21 cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
f-secure f-secure_anti-virus 6.30 cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
f-secure f-secure_anti-virus 6.30_sr1 cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
f-secure f-secure_anti-virus 6.31 cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
f-secure f-secure_anti-virus 6.40 cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*
f-secure f-secure_anti-virus 2004 cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
f-secure f-secure_anti-virus 2005 cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
f-secure f-secure_anti-virus 2006 cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*
f-secure f-secure_internet_security 2004 cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
f-secure f-secure_internet_security 2005 cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
f-secure f-secure_internet_security 2006 cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*
f-secure internet_gatekeeper 2.06 cpe:2.3:a:f-secure:internet_gatekeeper:2.06:*:linux:*:*:*:*:*
f-secure internet_gatekeeper 2.6 cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*
f-secure internet_gatekeeper 2.14 cpe:2.3:a:f-secure:internet_gatekeeper:2.14:*:linux:*:*:*:*:*
f-secure internet_gatekeeper 6.3 cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*
f-secure internet_gatekeeper 6.4 cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
f-secure internet_gatekeeper 6.31 cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*
f-secure internet_gatekeeper 6.32 cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
f-secure internet_gatekeeper 6.41 cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*
f-secure internet_gatekeeper 6.42 cpe:2.3:a:f-secure:internet_gatekeeper:6.42:*:*:*:*:*:*:*
f-secure solutions_based_on_f-secure_personal_express 6.20 cpe:2.3:a:f-secure:solutions_based_on_f-secure_personal_express:6.20:*:*:*:*:*:*:*

References for CVE-2006-0337

cvelogic Threat Intelligence