Vulnerability Details CVE-2004-2442
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.189
EPSS Ranking 94.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/13263/
- http://www.ciac.org/ciac/bulletins/p-041.shtml
- http://www.f-secure.com/security/fsc-2004-3.shtml
- http://www.kb.cert.org/vuls/id/968818
- http://www.securityfocus.com/bid/11732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18217
- http://secunia.com/advisories/13263/
- http://www.ciac.org/ciac/bulletins/p-041.shtml
- http://www.f-secure.com/security/fsc-2004-3.shtml
- http://www.kb.cert.org/vuls/id/968818
- http://www.securityfocus.com/bid/11732
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18217
Products affected by CVE-2004-2442
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2004
-
cpe:2.3:a:f-secure:f-secure_anti-virus:2005
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.51
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.52
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.60
-
cpe:2.3:a:f-secure:f-secure_anti-virus:4.61
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.0
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.41
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.42
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.43
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.5
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.52
-
cpe:2.3:a:f-secure:f-secure_anti-virus:5.55
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.01
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.2
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.21
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1
-
cpe:2.3:a:f-secure:f-secure_anti-virus:6.31
-
cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20
-
cpe:2.3:a:f-secure:f-secure_internet_security:2004
-
cpe:2.3:a:f-secure:f-secure_internet_security:2005
-
cpe:2.3:a:f-secure:f-secure_personal_express:4.5
-
cpe:2.3:a:f-secure:f-secure_personal_express:4.6
-
cpe:2.3:a:f-secure:f-secure_personal_express:4.7
-
cpe:2.3:a:f-secure:f-secure_personal_express:5.0
-
cpe:2.3:a:f-secure:internet_gatekeeper:2.6
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.3
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.31
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.32
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.4
-
cpe:2.3:a:f-secure:internet_gatekeeper:6.41