CVE-2004-0936
UnknownEPSS 14.79%
Last modified
CVE-2004-0936 is a vulnerability of currently unknown severity. RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.. EPSS estimates a 14.79% chance of exploitation in the next 30 days.
Description
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Archive Zip | Archive Zip | 1.13 | — |
| Broadcom | Brightstor Arcserve Backup | 11.1 | — |
| Broadcom | Etrust Antivirus | 7.0 | — |
| Broadcom | Etrust Antivirus | 7.1 | — |
| Broadcom | Etrust Antivirus Gateway | 7.0 | — |
| Broadcom | Etrust Antivirus Gateway | 7.1 | — |
| Broadcom | Etrust Ez Antivirus | 6.1 | — |
| Broadcom | Etrust Ez Antivirus | 6.2 | — |
| Broadcom | Etrust Ez Antivirus | 6.3 | — |
| Broadcom | Etrust Ez Armor | 2.0 | — |
| Broadcom | Etrust Ez Armor | 2.3 | — |
| Broadcom | Etrust Ez Armor | 2.4 | — |
| Broadcom | Etrust Intrusion Detection | 1.4.1.13 | — |
| Broadcom | Etrust Intrusion Detection | 1.4.5 | — |
| Broadcom | Etrust Intrusion Detection | 1.5 | — |
| Broadcom | Etrust Secure Content Manager | 1.0 | — |
| Broadcom | Etrust Secure Content Manager | 1.1 | — |
| Broadcom | Inoculateit | 6.0 | — |
| Ca | Etrust Antivirus | 7.0_sp2 | — |
| Ca | Etrust Secure Content Manager | 1.0 | Sp1 |
| Eset Software | Nod32 Antivirus | 1.0.11 | — |
| Eset Software | Nod32 Antivirus | 1.0.12 | — |
| Eset Software | Nod32 Antivirus | 1.0.13 | — |
| Kaspersky Lab | Kaspersky Anti-Virus | 3.0 | — |
| Kaspersky Lab | Kaspersky Anti-Virus | 4.0 | — |
| Kaspersky Lab | Kaspersky Anti-Virus | 5.0 | — |
| Mcafee | Antivirus Engine | 4.3.20 | — |
| Rav Antivirus | Rav Antivirus Desktop | 8.6 | — |
| Rav Antivirus | Rav Antivirus For File Servers | 1.0 | — |
| Rav Antivirus | Rav Antivirus For Mail Servers | 8.4.2 | — |
| Sophos | Sophos Anti-Virus | 3.4.6 | — |
| Sophos | Sophos Anti-Virus | 3.78 | — |
| Sophos | Sophos Anti-Virus | 3.78d | — |
| Sophos | Sophos Anti-Virus | 3.79 | — |
| Sophos | Sophos Anti-Virus | 3.80 | — |
| Sophos | Sophos Anti-Virus | 3.81 | — |
| Sophos | Sophos Anti-Virus | 3.82 | — |
| Sophos | Sophos Anti-Virus | 3.83 | — |
| Sophos | Sophos Anti-Virus | 3.84 | — |
| Sophos | Sophos Anti-Virus | 3.85 | — |
| Sophos | Sophos Anti-Virus | 3.86 | — |
| Sophos | Sophos Puremessage Anti-Virus | 4.6 | — |
| Sophos | Sophos Small Business Suite | 1.0 | — |
| Gentoo | Linux | All versions | — |
| Gentoo | Linux | 1.4 | — |
| Mandrakesoft | Mandrake Linux | 10.1 | — |
| Suse | Suse Linux | 9.2 | — |
References
- http://www.kb.cert.org/vuls/id/968818US Government Resource
- http://www.securityfocus.com/bid/11448Exploit, Patch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/968818US Government Resource
- http://www.securityfocus.com/bid/11448Exploit, Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-0936?
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
How severe is CVE-2004-0936?
Severity scoring for CVE-2004-0936 is pending analysis. The EPSS model estimates a 14.79% probability of exploitation in the next 30 days.
How do I fix CVE-2004-0936?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2004-0936?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST