Vulnerability Description
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| F-Secure | F-Secure Anti-Virus | <= 4.52 |
| F-Secure | F-Secure For Firewalls | <= 6.20 |
| F-Secure | F-Secure Internet Security | <= 2004 |
| F-Secure | Internet Gatekeeper | <= 6.32 |
References
- http://secunia.com/advisories/11712PatchVendor Advisory
- http://www.f-secure.com/security/fsc-2004-1.shtmlPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16258
- http://secunia.com/advisories/11712PatchVendor Advisory
- http://www.f-secure.com/security/fsc-2004-1.shtmlPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16258
FAQ
What is CVE-2004-2405?
CVE-2004-2405 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module resta...
How severe is CVE-2004-2405?
CVE-2004-2405 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-2405?
Check the references section above for vendor advisories and patch information. Affected products include: F-Secure F-Secure Anti-Virus, F-Secure F-Secure For Firewalls, F-Secure F-Secure Internet Security, F-Secure Internet Gatekeeper.