Lucene search

[email protected]CVE-2004-2220

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2220

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

f-secure

anti-virus

microsoft exchange

cve-2004-2220

nvd

security vulnerability

zip file

remote attack

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.036 Low

EPSS

Percentile

91.7%

JSON

F-Secure Anti-Virus for Microsoft Exchange 6.30 and 6.31 does not properly detect certain password-protected files in a ZIP file, which allows remote attackers to bypass anti-virus protection.

CPENameOperatorVersion
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq6.30
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq6.30_sr1
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq6.31

CPE	Name	Operator	Version
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	6.30
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	6.30_sr1
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	6.31

References

ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse63x-02_readme.txt

secunia.com/advisories/13067

securitytracker.com/id?1012057

www.osvdb.org/11395

www.securityfocus.com/bid/11600

exchange.xforce.ibmcloud.com/vulnerabilities/17944

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.036 Low

EPSS

Percentile

91.7%

JSON

Related for CVE-2004-2220

cvelist1