CVE-2004-2405
Last modified
CVE-2004-2405 is a vulnerability of currently unknown severity. Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.. EPSS estimates a 1.72% chance of exploitation in the next 30 days.
Description
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| F-Secure | F-Secure Anti-Virus | <= 4.52 |
| F-Secure | F-Secure Anti-Virus | <= 5.42 |
| F-Secure | F-Secure Anti-Virus | <= 5.52 |
| F-Secure | F-Secure Anti-Virus | <= 6.21 |
| F-Secure | F-Secure Anti-Virus | <= 2004 |
| F-Secure | F-Secure Anti-Virus | 4.60 |
| F-Secure | F-Secure For Firewalls | <= 6.20 |
| F-Secure | F-Secure Internet Security | <= 2004 |
| F-Secure | Internet Gatekeeper | <= 6.32 |
References
- http://secunia.com/advisories/11712Patch, Vendor Advisory
- http://www.f-secure.com/security/fsc-2004-1.shtmlPatch, Vendor Advisory
- http://secunia.com/advisories/11712Patch, Vendor Advisory
- http://www.f-secure.com/security/fsc-2004-1.shtmlPatch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-2405?
How severe is CVE-2004-2405?
How do I fix CVE-2004-2405?
Are you affected by CVE-2004-2405?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST