CVE-2004-2405

3 documents3 sources

Severity

6.4MEDIUM

EPSS

0.3%

top 43.34%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

F-secure F-secure Anti-virus F-secure F-secure FOR Firewalls F-secure F-secure Internet Security +1 more

Timeline

PublishedDec 31

Latest updateApr 29

Description

Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.

CVSS vector

AV:N/AC:L/C:N/I:P/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages4 packages

▶NVDf-secure/f-secure_anti-virus4.52+5

▶NVDf-secure/f-secure6.20

▶NVDf-secure/internet_gatekeeper6.32

▶NVDf-secure/f-secure_internet_security2004

Patches

Patch: secunia.com ↗Patch: www.f-secure.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-cphv-38cp-r5pr: Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5↗2022-04-29

▶

CVEList

CVE-2004-2405: Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5↗2005-08-18

▶