CVE-2004-2442

Name: CVE-2004-2442
Creator: NVD / NIST
Published: 2004-12-31T05:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 10.64%

Last modified Jun 16, 2026

CVE-2004-2442 is a vulnerability of currently unknown severity. Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.. EPSS estimates a 10.64% chance of exploitation in the next 30 days.

Description

Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.

Metrics

EPSS Probability

10.64%

95.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
F-Secure	F-Secure Anti-Virus	4.51
F-Secure	F-Secure Anti-Virus	4.52
F-Secure	F-Secure Anti-Virus	4.60
F-Secure	F-Secure Anti-Virus	4.61
F-Secure	F-Secure Anti-Virus	5.0
F-Secure	F-Secure Anti-Virus	5.5
F-Secure	F-Secure Anti-Virus	5.41
F-Secure	F-Secure Anti-Virus	5.42
F-Secure	F-Secure Anti-Virus	5.43
F-Secure	F-Secure Anti-Virus	5.52
F-Secure	F-Secure Anti-Virus	5.55
F-Secure	F-Secure Anti-Virus	6.01
F-Secure	F-Secure Anti-Virus	6.2
F-Secure	F-Secure Anti-Virus	6.21
F-Secure	F-Secure Anti-Virus	6.30
F-Secure	F-Secure Anti-Virus	6.30_sr1
F-Secure	F-Secure Anti-Virus	6.31
F-Secure	F-Secure Anti-Virus	2004
F-Secure	F-Secure Anti-Virus	2005
F-Secure	F-Secure For Firewalls	6.20
F-Secure	F-Secure Internet Security	2004
F-Secure	F-Secure Internet Security	2005
F-Secure	F-Secure Personal Express	4.5
F-Secure	F-Secure Personal Express	4.6
F-Secure	F-Secure Personal Express	4.7
F-Secure	F-Secure Personal Express	5.0
F-Secure	Internet Gatekeeper	2.6
F-Secure	Internet Gatekeeper	6.3
F-Secure	Internet Gatekeeper	6.4
F-Secure	Internet Gatekeeper	6.31
F-Secure	Internet Gatekeeper	6.32
F-Secure	Internet Gatekeeper	6.41

References

http://secunia.com/advisories/13263/Patch
http://www.ciac.org/ciac/bulletins/p-041.shtmlVendor Advisory
http://www.f-secure.com/security/fsc-2004-3.shtmlPatch, Vendor Advisory
http://www.kb.cert.org/vuls/id/968818Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/11732Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/18217
http://secunia.com/advisories/13263/Patch
http://www.ciac.org/ciac/bulletins/p-041.shtmlVendor Advisory
http://www.f-secure.com/security/fsc-2004-3.shtmlPatch, Vendor Advisory
http://www.kb.cert.org/vuls/id/968818Third Party Advisory, US Government Resource
http://www.securityfocus.com/bid/11732Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/18217

Timeline

Published: Dec 31, 2004
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2004-2442?

How severe is CVE-2004-2442?

Severity scoring for CVE-2004-2442 is pending analysis. The EPSS model estimates a 10.64% probability of exploitation in the next 30 days.

How do I fix CVE-2004-2442?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-2442?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST