CVE-2004-0937

Published: 09/02/2005 Updated: 09/04/2021
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Sophos Anti-Virus prior to 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me prior to 3.88.0, allows remote malicious users to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Vulnerable Product

eset software nod32 antivirus 1.0.11

kaspersky lab kaspersky anti-virus 4.0

sophos sophos small business suite 1.0

sophos sophos anti-virus 3.83

archive zip archive zip 1.13

mcafee antivirus engine 4.3.20

kaspersky lab kaspersky anti-virus 5.0

ca etrust antivirus 7.0 sp2

sophos sophos anti-virus 3.80

sophos sophos anti-virus 3.81

eset software nod32 antivirus 1.0.12

sophos sophos anti-virus 3.86

sophos sophos anti-virus 3.78

rav antivirus rav antivirus desktop 8.6

rav antivirus rav antivirus for mail servers 8.4.2

rav antivirus rav antivirus for file servers 1.0

sophos sophos anti-virus 3.82

sophos sophos anti-virus 3.79

sophos sophos puremessage anti-virus 4.6

sophos sophos anti-virus 3.78d

sophos sophos anti-virus 3.4.6

ca etrust secure content manager 1.0

eset software nod32 antivirus 1.0.13

sophos sophos anti-virus 3.84

kaspersky lab kaspersky anti-virus 3.0

sophos sophos anti-virus 3.85

broadcom brightstor arcserve backup 11.1

broadcom etrust antivirus 7.0

broadcom etrust antivirus 7.1

broadcom etrust antivirus gateway 7.0

broadcom etrust antivirus gateway 7.1

broadcom etrust ez antivirus 6.1

broadcom etrust ez antivirus 6.2

broadcom etrust ez antivirus 6.3

broadcom etrust ez armor 2.0

broadcom etrust ez armor 2.3

broadcom etrust ez armor 2.4

broadcom etrust intrusion detection 1.4.1.13

broadcom etrust intrusion detection 1.4.5

broadcom etrust intrusion detection 1.5

broadcom etrust secure content manager 1.0

broadcom etrust secure content manager 1.1

broadcom inoculateit 6.0

suse suse linux 9.2

mandrakesoft mandrake linux 10.1

gentoo linux 1.4

gentoo linux

Exploits

/* zipbrkc - Proof-of-Concept for CAN-2004-0932 - CAN-2004-0937 Copyright (C) 2004 oc192 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version This program is d ...