Strix
26.1K

CVE-2004-0933

UnknownEPSS 20.69%

Last modified

CVE-2004-0933 is a vulnerability of currently unknown severity. Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.. EPSS estimates a 20.69% chance of exploitation in the next 30 days.

Description

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Metrics

EPSS Probability
20.69%

97.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersionsUpdate
Archive ZipArchive Zip1.13
BroadcomBrightstor Arcserve Backup11.1
BroadcomEtrust Antivirus7.0
BroadcomEtrust Antivirus7.1
BroadcomEtrust Antivirus Gateway7.0
BroadcomEtrust Antivirus Gateway7.1
BroadcomEtrust Ez Antivirus6.1
BroadcomEtrust Ez Antivirus6.2
BroadcomEtrust Ez Antivirus6.3
BroadcomEtrust Ez Armor2.0
BroadcomEtrust Ez Armor2.3
BroadcomEtrust Ez Armor2.4
BroadcomEtrust Intrusion Detection1.4.1.13
BroadcomEtrust Intrusion Detection1.4.5
BroadcomEtrust Intrusion Detection1.5
BroadcomEtrust Secure Content Manager1.0
BroadcomEtrust Secure Content Manager1.1
BroadcomInoculateit6.0
CaEtrust Antivirus7.0_sp2
CaEtrust Secure Content Manager1.0Sp1
Eset SoftwareNod32 Antivirus1.0.11
Eset SoftwareNod32 Antivirus1.0.12
Eset SoftwareNod32 Antivirus1.0.13
Kaspersky LabKaspersky Anti-Virus3.0
Kaspersky LabKaspersky Anti-Virus4.0
Kaspersky LabKaspersky Anti-Virus5.0
McafeeAntivirus Engine4.3.20
Rav AntivirusRav Antivirus Desktop8.6
Rav AntivirusRav Antivirus For File Servers1.0
Rav AntivirusRav Antivirus For Mail Servers8.4.2
SophosSophos Anti-Virus3.4.6
SophosSophos Anti-Virus3.78
SophosSophos Anti-Virus3.78d
SophosSophos Anti-Virus3.79
SophosSophos Anti-Virus3.80
SophosSophos Anti-Virus3.81
SophosSophos Anti-Virus3.82
SophosSophos Anti-Virus3.83
SophosSophos Anti-Virus3.84
SophosSophos Anti-Virus3.85
SophosSophos Anti-Virus3.86
SophosSophos Puremessage Anti-Virus4.6
SophosSophos Small Business Suite1.0
GentooLinuxAll versions
GentooLinux1.4
MandrakesoftMandrake Linux10.1
SuseSuse Linux9.2

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2004-0933?
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
How severe is CVE-2004-0933?
Severity scoring for CVE-2004-0933 is pending analysis. The EPSS model estimates a 20.69% probability of exploitation in the next 30 days.
How do I fix CVE-2004-0933?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-0933?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST