Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2442

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2442
Last Modified 05 Sep 2008 04:44:09
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2442

Summary

Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.

Vulnerable Systems

Application

  • F-secure Anti-virus 2004

  • F-secure Anti-virus 2005

  • F-secure Anti-virus 4.51

  • F-secure Anti-virus 4.52

  • F-secure Anti-virus 4.60

  • F-secure Anti-virus 4.61

  • F-secure Anti-virus 5.0

  • F-secure Anti-virus 5.41

  • F-secure Anti-virus 5.42

  • F-secure Anti-virus 5.43

  • F-secure Anti-virus 5.5

  • F-secure Anti-virus 5.52

  • F-secure Anti-virus 5.55

  • F-secure Anti-virus 6.01

  • F-secure Anti-virus 6.2

  • F-secure Anti-virus 6.21

  • F-secure Anti-virus 6.30

  • F-secure Anti-virus 6.30 Sr1

  • F-secure Anti-virus 6.31

  • F-secure For Firewalls 6.20

  • F-secure Internet Gatekeeper 2.6

  • F-secure Internet Gatekeeper 6.3

  • F-secure Internet Gatekeeper 6.31

  • F-secure Internet Gatekeeper 6.32

  • F-secure Internet Gatekeeper 6.4

  • F-secure Internet Gatekeeper 6.41

  • F-secure Internet Security 2004

  • F-secure Internet Security 2005

  • F-secure Personal Express 4.5

  • F-secure Personal Express 4.6

  • F-secure Personal Express 4.7

  • F-secure Personal Express 5.0


References

CERT-VN - VU#968818

XF - fsecure-zip-scan-bypass(18217)

BID - 11732

CONFIRM - http://www.f-secure.com/security/fsc-2004-3.shtml

SECUNIA - 13263

CIAC - P-041


Last Updated: 27 May 2016 10:39:28