CVE-2004-1096
Last modified
CVE-2004-1096 is a vulnerability of currently unknown severity. Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.. EPSS estimates a 17.44% chance of exploitation in the next 30 days.
Description
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Broadcom | Brightstor Arcserve Backup | 11.1 | — |
| Broadcom | Etrust Antivirus | 7.0 | — |
| Broadcom | Etrust Antivirus | 7.1 | — |
| Broadcom | Etrust Antivirus Gateway | 7.0 | — |
| Broadcom | Etrust Antivirus Gateway | 7.1 | — |
| Broadcom | Etrust Ez Antivirus | 6.1 | — |
| Broadcom | Etrust Ez Antivirus | 6.2 | — |
| Broadcom | Etrust Ez Antivirus | 6.3 | — |
| Broadcom | Etrust Ez Armor | 2.0 | — |
| Broadcom | Etrust Ez Armor | 2.3 | — |
| Broadcom | Etrust Ez Armor | 2.4 | — |
| Broadcom | Etrust Intrusion Detection | 1.4.1.13 | — |
| Broadcom | Etrust Intrusion Detection | 1.4.5 | — |
| Broadcom | Etrust Intrusion Detection | 1.5 | — |
| Broadcom | Etrust Secure Content Manager | 1.0 | — |
| Broadcom | Etrust Secure Content Manager | 1.1 | — |
| Broadcom | Inoculateit | 6.0 | — |
| Ca | Etrust Antivirus | 7.0_sp2 | — |
| Ca | Etrust Secure Content Manager | 1.0 | Sp1 |
| Eset Software | Nod32 Antivirus | 1.0.11 | — |
| Eset Software | Nod32 Antivirus | 1.0.12 | — |
| Eset Software | Nod32 Antivirus | 1.0.13 | — |
| Kaspersky Lab | Kaspersky Anti-Virus | 3.0 | — |
| Kaspersky Lab | Kaspersky Anti-Virus | 4.0 | — |
| Kaspersky Lab | Kaspersky Anti-Virus | 5.0 | — |
| Mcafee | Antivirus Engine | 4.3.20 | — |
| Rav Antivirus | Rav Antivirus Desktop | 8.6 | — |
| Rav Antivirus | Rav Antivirus For File Servers | 1.0 | — |
| Rav Antivirus | Rav Antivirus For Mail Servers | 8.4.2 | — |
| Sophos | Sophos Anti-Virus | 3.4.6 | — |
| Sophos | Sophos Anti-Virus | 3.78 | — |
| Sophos | Sophos Anti-Virus | 3.78d | — |
| Sophos | Sophos Anti-Virus | 3.79 | — |
| Sophos | Sophos Anti-Virus | 3.80 | — |
| Sophos | Sophos Anti-Virus | 3.81 | — |
| Sophos | Sophos Anti-Virus | 3.82 | — |
| Sophos | Sophos Anti-Virus | 3.83 | — |
| Sophos | Sophos Anti-Virus | 3.84 | — |
| Sophos | Sophos Anti-Virus | 3.85 | — |
| Sophos | Sophos Anti-Virus | 3.86 | — |
| Sophos | Sophos Puremessage Anti-Virus | 4.6 | — |
| Sophos | Sophos Small Business Suite | 1.0 | — |
| Gentoo | Linux | All versions | — |
| Gentoo | Linux | 1.4 | — |
| Mandrakesoft | Mandrake Linux | 10.1 | — |
| Suse | Suse Linux | 9.2 | — |
References
- http://www.gentoo.org/security/en/glsa/glsa-200410-31.xmlPatch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/492545US Government Resource
- http://www.securityfocus.com/bid/11448Exploit, Patch, Vendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200410-31.xmlPatch, Vendor Advisory
- http://www.kb.cert.org/vuls/id/492545US Government Resource
- http://www.securityfocus.com/bid/11448Exploit, Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2004-1096?
How severe is CVE-2004-1096?
How do I fix CVE-2004-1096?
Are you affected by CVE-2004-1096?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST