CVE-2004-2442

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2004-2442
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://secunia.com/advisories/13263/ Patch
http://www.ciac.org/ciac/bulletins/p-041.shtml Vendor Advisory
http://www.f-secure.com/security/fsc-2004-3.shtml Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/968818 Third Party Advisory US Government Resource
http://www.securityfocus.com/bid/11732 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/18217
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*
History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2023-12-10 10:28

NVD link : CVE-2004-2442

Mitre link : CVE-2004-2442

CVE.ORG link : CVE-2004-2442

JSON object : View

Products Affected

f-secure

  • f-secure_for_firewalls
  • f-secure_anti-virus
  • internet_gatekeeper
  • f-secure_personal_express
  • f-secure_internet_security
CWE
NVD-CWE-Other