CVE-2004-0934
Multiple AntiVirus - '.zip' Detection Bypass
Severity Score
6.2
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
iDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability. Multiple anti-virus vendors including McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV are affected. The problem specifically exists in the parsing of .zip archive headers. It is possible to modify the uncompressed size of archived files in both the local and global header without affecting functionality. An attacker can compress a malicious payload and evade detection by some anti-virus software by modifying the uncompressed size within the local and global headers to zero.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2004-10-04 CVE Reserved
- 2004-10-26 CVE Published
- 2004-11-14 First Exploit
- 2024-08-08 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true | Third Party Advisory | |
| http://www.kb.cert.org/vuls/id/968818 | Third Party Advisory |
|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/629 | 2004-11-14 | |
| http://www.securityfocus.com/bid/11448 | 2024-08-08 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Archive Zip Search vendor "Archive Zip" | Archive Zip Search vendor "Archive Zip" for product "Archive Zip" | 1.13 Search vendor "Archive Zip" for product "Archive Zip" and version "1.13" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Search vendor "Broadcom" for product "Brightstor Arcserve Backup" | 11.1 Search vendor "Broadcom" for product "Brightstor Arcserve Backup" and version "11.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Antivirus Search vendor "Broadcom" for product "Etrust Antivirus" | 7.0 Search vendor "Broadcom" for product "Etrust Antivirus" and version "7.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Antivirus Search vendor "Broadcom" for product "Etrust Antivirus" | 7.1 Search vendor "Broadcom" for product "Etrust Antivirus" and version "7.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Antivirus Gateway Search vendor "Broadcom" for product "Etrust Antivirus Gateway" | 7.0 Search vendor "Broadcom" for product "Etrust Antivirus Gateway" and version "7.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Antivirus Gateway Search vendor "Broadcom" for product "Etrust Antivirus Gateway" | 7.1 Search vendor "Broadcom" for product "Etrust Antivirus Gateway" and version "7.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Antivirus Search vendor "Broadcom" for product "Etrust Ez Antivirus" | 6.1 Search vendor "Broadcom" for product "Etrust Ez Antivirus" and version "6.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Antivirus Search vendor "Broadcom" for product "Etrust Ez Antivirus" | 6.2 Search vendor "Broadcom" for product "Etrust Ez Antivirus" and version "6.2" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Antivirus Search vendor "Broadcom" for product "Etrust Ez Antivirus" | 6.3 Search vendor "Broadcom" for product "Etrust Ez Antivirus" and version "6.3" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Armor Search vendor "Broadcom" for product "Etrust Ez Armor" | 2.0 Search vendor "Broadcom" for product "Etrust Ez Armor" and version "2.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Armor Search vendor "Broadcom" for product "Etrust Ez Armor" | 2.3 Search vendor "Broadcom" for product "Etrust Ez Armor" and version "2.3" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Ez Armor Search vendor "Broadcom" for product "Etrust Ez Armor" | 2.4 Search vendor "Broadcom" for product "Etrust Ez Armor" and version "2.4" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Intrusion Detection Search vendor "Broadcom" for product "Etrust Intrusion Detection" | 1.4.1.13 Search vendor "Broadcom" for product "Etrust Intrusion Detection" and version "1.4.1.13" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Intrusion Detection Search vendor "Broadcom" for product "Etrust Intrusion Detection" | 1.4.5 Search vendor "Broadcom" for product "Etrust Intrusion Detection" and version "1.4.5" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Intrusion Detection Search vendor "Broadcom" for product "Etrust Intrusion Detection" | 1.5 Search vendor "Broadcom" for product "Etrust Intrusion Detection" and version "1.5" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Secure Content Manager Search vendor "Broadcom" for product "Etrust Secure Content Manager" | 1.0 Search vendor "Broadcom" for product "Etrust Secure Content Manager" and version "1.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Etrust Secure Content Manager Search vendor "Broadcom" for product "Etrust Secure Content Manager" | 1.1 Search vendor "Broadcom" for product "Etrust Secure Content Manager" and version "1.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Inoculateit Search vendor "Broadcom" for product "Inoculateit" | 6.0 Search vendor "Broadcom" for product "Inoculateit" and version "6.0" | - |
Affected
| ||||||
| Ca Search vendor "Ca" | Etrust Antivirus Search vendor "Ca" for product "Etrust Antivirus" | 7.0_sp2 Search vendor "Ca" for product "Etrust Antivirus" and version "7.0_sp2" | - |
Affected
| ||||||
| Ca Search vendor "Ca" | Etrust Secure Content Manager Search vendor "Ca" for product "Etrust Secure Content Manager" | 1.0 Search vendor "Ca" for product "Etrust Secure Content Manager" and version "1.0" | sp1 |
Affected
| ||||||
| Eset Software Search vendor "Eset Software" | Nod32 Antivirus Search vendor "Eset Software" for product "Nod32 Antivirus" | 1.0.11 Search vendor "Eset Software" for product "Nod32 Antivirus" and version "1.0.11" | - |
Affected
| ||||||
| Eset Software Search vendor "Eset Software" | Nod32 Antivirus Search vendor "Eset Software" for product "Nod32 Antivirus" | 1.0.12 Search vendor "Eset Software" for product "Nod32 Antivirus" and version "1.0.12" | - |
Affected
| ||||||
| Eset Software Search vendor "Eset Software" | Nod32 Antivirus Search vendor "Eset Software" for product "Nod32 Antivirus" | 1.0.13 Search vendor "Eset Software" for product "Nod32 Antivirus" and version "1.0.13" | - |
Affected
| ||||||
| Kaspersky Lab Search vendor "Kaspersky Lab" | Kaspersky Anti-virus Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" | 3.0 Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" and version "3.0" | - |
Affected
| ||||||
| Kaspersky Lab Search vendor "Kaspersky Lab" | Kaspersky Anti-virus Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" | 4.0 Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" and version "4.0" | - |
Affected
| ||||||
| Kaspersky Lab Search vendor "Kaspersky Lab" | Kaspersky Anti-virus Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" | 5.0 Search vendor "Kaspersky Lab" for product "Kaspersky Anti-virus" and version "5.0" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Antivirus Engine Search vendor "Mcafee" for product "Antivirus Engine" | 4.3.20 Search vendor "Mcafee" for product "Antivirus Engine" and version "4.3.20" | - |
Affected
| ||||||
| Rav Antivirus Search vendor "Rav Antivirus" | Rav Antivirus Desktop Search vendor "Rav Antivirus" for product "Rav Antivirus Desktop" | 8.6 Search vendor "Rav Antivirus" for product "Rav Antivirus Desktop" and version "8.6" | - |
Affected
| ||||||
| Rav Antivirus Search vendor "Rav Antivirus" | Rav Antivirus For File Servers Search vendor "Rav Antivirus" for product "Rav Antivirus For File Servers" | 1.0 Search vendor "Rav Antivirus" for product "Rav Antivirus For File Servers" and version "1.0" | - |
Affected
| ||||||
| Rav Antivirus Search vendor "Rav Antivirus" | Rav Antivirus For Mail Servers Search vendor "Rav Antivirus" for product "Rav Antivirus For Mail Servers" | 8.4.2 Search vendor "Rav Antivirus" for product "Rav Antivirus For Mail Servers" and version "8.4.2" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.4.6 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.4.6" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.78 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.78" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.78d Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.78d" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.79 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.79" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.80 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.80" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.81 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.81" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.82 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.82" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.83 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.83" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.84 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.84" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.85 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.85" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 3.86 Search vendor "Sophos" for product "Sophos Anti-virus" and version "3.86" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Puremessage Anti-virus Search vendor "Sophos" for product "Sophos Puremessage Anti-virus" | 4.6 Search vendor "Sophos" for product "Sophos Puremessage Anti-virus" and version "4.6" | - |
Affected
| ||||||
| Sophos Search vendor "Sophos" | Sophos Small Business Suite Search vendor "Sophos" for product "Sophos Small Business Suite" | 1.0 Search vendor "Sophos" for product "Sophos Small Business Suite" and version "1.0" | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | * | - |
Affected
| ||||||
| Gentoo Search vendor "Gentoo" | Linux Search vendor "Gentoo" for product "Linux" | 1.4 Search vendor "Gentoo" for product "Linux" and version "1.4" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Search vendor "Mandrakesoft" for product "Mandrake Linux" | 10.1 Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "10.1" | - |
Affected
| ||||||
| Mandrakesoft Search vendor "Mandrakesoft" | Mandrake Linux Search vendor "Mandrakesoft" for product "Mandrake Linux" | 10.1 Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "10.1" | x86_64 |
Affected
| ||||||
| Suse Search vendor "Suse" | Suse Linux Search vendor "Suse" for product "Suse Linux" | 9.2 Search vendor "Suse" for product "Suse Linux" and version "9.2" | - |
Affected
| ||||||