Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2405

Description

Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.

Affected products

F-Secure/Anti Virus8 versions
cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:*:*:*:*:*:*range: <=2004
- cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*
- cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:client_security:*:*:*:*:*range: <=5.52
- cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux:*:*:*:*:*range: <=4.52
- cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:mimesweeper:*:*:*:*:*range: <=5.42
- cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:ms_exchange:*:*:*:*:*range: <=6.21
- cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:windows_servers:*:*:*:*:*range: <=5.42
- cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:workstations:*:*:*:*:*range: <=5.42
F-Secure/F Secure For Firewalls
cpe:2.3:a:f-secure:f-secure_for_firewalls:*:*:*:*:*:*:*:*
Range: <=6.20
F-Secure/Internet Security
cpe:2.3:a:f-secure:f-secure_internet_security:*:*:*:*:*:*:*:*
Range: <=2004
F-Secure/Internet Gatekeeper
cpe:2.3:a:f-secure:internet_gatekeeper:*:*:*:*:*:*:*:*
Range: <=6.32

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/11712nvdPatchVendor Advisory
www.f-secure.com/security/fsc-2004-1.shtmlnvdPatchVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/16258nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000