Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/11448 | Exploit Patch Vendor Advisory |
http://www.kb.cert.org/vuls/id/968818 | US Government Resource |
http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2005-02-08 21:00
Updated : 2021-04-09 10:00
NVD link : CVE-2004-0937
Mitre link : CVE-2004-0937
JSON object : View
CWE
Products Affected
broadcom
- etrust_antivirus
- etrust_antivirus_gateway
- etrust_secure_content_manager
- brightstor_arcserve_backup
- etrust_intrusion_detection
- etrust_ez_antivirus
- etrust_ez_armor
- inoculateit
mandrakesoft
- mandrake_linux
mcafee
- antivirus_engine
ca
- etrust_antivirus
- etrust_secure_content_manager
rav_antivirus
- rav_antivirus_for_file_servers
- rav_antivirus_desktop
- rav_antivirus_for_mail_servers
kaspersky_lab
- kaspersky_anti-virus
eset_software
- nod32_antivirus
sophos
- sophos_puremessage_anti-virus
- sophos_anti-virus
- sophos_small_business_suite
suse
- suse_linux
archive_zip
- archive_zip
gentoo
- linux