CVSS: 5.0EPSS: 0%CPEs: 44EXPL: 1CVE-2004-2442 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-2442
Multiple interpretation error in various F-Secure Anti-Virus products, including Workstation 5.43 and earlier, Windows Servers 5.50 and earlier, MIMEsweeper 5.50 and earlier, Anti-Virus for Linux Servers and Gateways 4.61 and earlier, and other products, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on the target system. • https://www.exploit-db.com/exploits/629 http://secunia.com/advisories/13263 http://www.ciac.org/ciac/bulletins/p-041.shtml http://www.f-secure.com/security/fsc-2004-3.shtml http://www.kb.cert.org/vuls/id/968818 http://www.securityfocus.com/bid/11732 https://exchange.xforce.ibmcloud.com/vulnerabilities/18217 •
CVSS: 6.4EPSS: 0%CPEs: 11EXPL: 0CVE-2004-2405
https://notcve.org/view.php?id=CVE-2004-2405
Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive. • http://secunia.com/advisories/11712 http://www.f-secure.com/security/fsc-2004-1.shtml https://exchange.xforce.ibmcloud.com/vulnerabilities/16258 •
CVSS: 5.0EPSS: 1%CPEs: 3EXPL: 0CVE-2004-2220
https://notcve.org/view.php?id=CVE-2004-2220
F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection. • ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt http://secunia.com/advisories/13067 http://securitytracker.com/id?1012057 http://www.osvdb.org/11395 http://www.securityfocus.com/bid/11600 https://exchange.xforce.ibmcloud.com/vulnerabilities/17944 •
CVSS: 5.0EPSS: 2%CPEs: 7EXPL: 0CVE-2004-0830
https://notcve.org/view.php?id=CVE-2004-0830
The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet. • http://marc.info/?l=bugtraq&m=109483205925698&w=2 http://www.f-secure.com/security/fsc-2004-2.shtml http://www.idefense.com/application/poi/display?id=137&type=vulnerabilities http://www.securityfocus.com/bid/11145 https://exchange.xforce.ibmcloud.com/vulnerabilities/17307 •
CVSS: 6.4EPSS: 0%CPEs: 50EXPL: 1CVE-2004-0235
https://notcve.org/view.php?id=CVE-2004-0235
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). Múltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) ".." (punto punto) o (2) rutas absolutas con barra inicial doble ("//ruta/absoluta"). • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840 http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html http://marc.info/?l=bugtraq&m=108422737918885&w=2 http://security.gentoo.org/glsa/glsa-200405-02.xml http://www.debian.org/security/2004/dsa-515 http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html http://www.redhat.com/support/errata/RHSA-2004-178.html http://www.redhat.com/support/errata/RHSA-2004-179.html h •