Sign-up

ID

VAR-200412-0326


CVE

CVE-2004-2405


TITLE

F-Secure Anti-Virus Product buffer overflow vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200412-254

DESCRIPTION

Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive. F-Secure Anti-Virus is prone to a denial-of-service vulnerability. Several F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier versions, have buffer overflow vulnerabilities

Trust: 1.26

sources: NVD: CVE-2004-2405 // BID: 90393 // VULHUB: VHN-10833

AFFECTED PRODUCTS

vendor:f securemodel:f-secure anti-virusscope:eqversion:4.60

Trust: 1.6

vendor:f securemodel:f-secure for firewallsscope:lteversion:6.20

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:lteversion:2004

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:lteversion:4.52

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:lteversion:6.21

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:lteversion:5.42

Trust: 1.0

vendor:f securemodel:internet gatekeeperscope:lteversion:6.32

Trust: 1.0

vendor:f securemodel:f-secure anti-virusscope:lteversion:5.52

Trust: 1.0

vendor:f securemodel:f-secure internet securityscope:lteversion:2004

Trust: 1.0

vendor:f securemodel:f-secure internet securityscope:eqversion:2004

Trust: 0.9

vendor:f securemodel:f-secure for firewallsscope:eqversion:6.20

Trust: 0.9

vendor:f securemodel:f-secure anti-virusscope:eqversion:2004

Trust: 0.9

vendor:f securemodel:f-secure anti-virusscope:eqversion:4.52

Trust: 0.6

vendor:f securemodel:f-secure anti-virusscope:eqversion:6.21

Trust: 0.6

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.52

Trust: 0.6

vendor:f securemodel:f-secure anti-virusscope:eqversion:5.42

Trust: 0.6

vendor:f securemodel:internet gatekeeperscope:eqversion:6.32

Trust: 0.3

vendor:f securemodel:f-secure anti-virus ms exchangescope:eqversion:6.21

Trust: 0.3

vendor:f securemodel:f-secure anti-virus client securityscope:eqversion:5.52

Trust: 0.3

vendor:f securemodel:f-secure anti-virus workstationsscope:eqversion:5.42

Trust: 0.3

vendor:f securemodel:f-secure anti-virus windows serversscope:eqversion:5.42

Trust: 0.3

vendor:f securemodel:f-secure anti-virus mimesweeperscope:eqversion:5.42

Trust: 0.3

vendor:f securemodel:f-secure anti-virus samba serversscope:eqversion:4.60

Trust: 0.3

vendor:f securemodel:f-secure anti-virus linuxscope:eqversion:4.52

Trust: 0.3

sources: BID: 90393 // CNNVD: CNNVD-200412-254 // NVD: CVE-2004-2405

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-2405
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200412-254
value: MEDIUM

Trust: 0.6

VULHUB: VHN-10833
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2004-2405
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-10833
severity: MEDIUM
baseScore: 6.4
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-10833 // CNNVD: CNNVD-200412-254 // NVD: CVE-2004-2405

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-2405

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200412-254

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200412-254

EXTERNAL IDS

db:NVDid:CVE-2004-2405

Trust: 2.0

db:SECUNIAid:11712

Trust: 1.7

db:XFid:16258

Trust: 0.9

db:CNNVDid:CNNVD-200412-254

Trust: 0.7

db:BIDid:90393

Trust: 0.4

db:VULHUBid:VHN-10833

Trust: 0.1

sources: VULHUB: VHN-10833 // BID: 90393 // CNNVD: CNNVD-200412-254 // NVD: CVE-2004-2405

REFERENCES

url:http://www.f-secure.com/security/fsc-2004-1.shtml

Trust: 2.0

url:http://secunia.com/advisories/11712

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/16258

Trust: 1.1

url:http://xforce.iss.net/xforce/xfdb/16258

Trust: 0.9

sources: VULHUB: VHN-10833 // BID: 90393 // CNNVD: CNNVD-200412-254 // NVD: CVE-2004-2405

CREDITS

Unknown

Trust: 0.3

sources: BID: 90393

SOURCES

db:VULHUBid:VHN-10833
db:BIDid:90393
db:CNNVDid:CNNVD-200412-254
db:NVDid:CVE-2004-2405

LAST UPDATE DATE

2024-08-14T14:29:26.993000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-10833date:2017-07-11T00:00:00
db:BIDid:90393date:2004-12-31T00:00:00
db:CNNVDid:CNNVD-200412-254date:2005-10-20T00:00:00
db:NVDid:CVE-2004-2405date:2017-07-11T01:31:52.093

SOURCES RELEASE DATE

db:VULHUBid:VHN-10833date:2004-12-31T00:00:00
db:BIDid:90393date:2004-12-31T00:00:00
db:CNNVDid:CNNVD-200412-254date:2004-12-31T00:00:00
db:NVDid:CVE-2004-2405date:2004-12-31T05:00:00