Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2220

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2220
Last Modified 05 Sep 2008 04:43:31
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2220

Summary

F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection.

Vulnerable Systems

Application

  • F-secure Anti-virus 6.30

  • F-secure Anti-virus 6.30 Sr1

  • F-secure Anti-virus 6.31


References

XF - fsecure-password-antivirus-bypass(17944)

BID - 11600

SECTRACK - 1012057

SECUNIA - 13067

CONFIRM - ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt

OSVDB - 11395


Last Updated: 27 May 2016 10:39:24