1. CVE-Search
  2. CVE-2004-2442
ID CVE-2004-2442
Summary Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system.
References
Vulnerable Configurations
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:f-secure_personal_express:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:2.6:*:linux:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*
  • cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*
    cpe:2.3:a:f-secure:internet_gatekeeper:6.41:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-07-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
bid 11732
cert-vn VU#968818
ciac P-041
confirm http://www.f-secure.com/security/fsc-2004-3.shtml
secunia 13263
xf fsecure-zip-scan-bypass(18217)
Last major update 11-07-2017 - 01:31
Published 31-12-2004 - 05:00
Last modified 11-07-2017 - 01:31
Back to Top