CVE-2004-2405: Buffer Overflow
First published: Fri Dec 31 2004(Updated: )
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| f-secure f-secure anti-virus | <=4.52 | |
| f-secure f-secure anti-virus | <=5.42 | |
| f-secure f-secure anti-virus | <=5.42 | |
| f-secure f-secure anti-virus | <=5.42 | |
| f-secure f-secure anti-virus | <=5.52 | |
| f-secure f-secure anti-virus | <=6.21 | |
| f-secure f-secure anti-virus | <=2004 | |
| f-secure f-secure anti-virus | =4.60 | |
| f-secure f-secure for firewalls | <=6.20 | |
| f-secure f-secure internet security | <=2004 | |
| F-Secure Internet Gatekeeper for Linux | <=6.32 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-2405?
CVE-2004-2405 has a medium severity rating due to its potential to cause denial of service or bypass scanning.
How do I fix CVE-2004-2405?
To fix CVE-2004-2405, you should update F-Secure Anti-Virus products to the latest version that addresses this vulnerability.
Which F-Secure Anti-Virus products are affected by CVE-2004-2405?
CVE-2004-2405 affects multiple F-Secure Anti-Virus products including versions up to 5.42 and others based on the specified CPEs.
What exploits are possible with CVE-2004-2405?
Exploiting CVE-2004-2405 could allow remote attackers to cause product crashes or bypass the antivirus scanning process.
Is there a way to mitigate CVE-2004-2405?
Mitigation for CVE-2004-2405 involves ensuring that your antivirus software is always updated to the most secure version available.
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/f-secure
- canonical/f-secure f-secure anti-virus
- version/f-secure f-secure anti-virus/4.52
- version/f-secure f-secure anti-virus/5.42
- version/f-secure f-secure anti-virus/5.52
- version/f-secure f-secure anti-virus/6.21
- version/f-secure f-secure anti-virus/2004
- version/f-secure f-secure anti-virus/4.60
- canonical/f-secure f-secure for firewalls
- version/f-secure f-secure for firewalls/6.20
- canonical/f-secure f-secure internet security
- version/f-secure f-secure internet security/2004
- canonical/f-secure internet gatekeeper for linux
- version/f-secure internet gatekeeper for linux/6.32