Vulnerability Description
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Archive Zip | Archive Zip | 1.13 |
| Broadcom | Brightstor Arcserve Backup | 11.1 |
| Broadcom | Etrust Antivirus | 7.0 |
| Broadcom | Etrust Antivirus Gateway | 7.0 |
| Broadcom | Etrust Ez Antivirus | 6.1 |
| Broadcom | Etrust Ez Armor | 2.0 |
| Broadcom | Etrust Intrusion Detection | 1.4.1.13 |
| Broadcom | Etrust Secure Content Manager | 1.0 |
| Broadcom | Inoculateit | 6.0 |
| Ca | Etrust Antivirus | 7.0_sp2 |
| Ca | Etrust Secure Content Manager | 1.0 |
| Eset Software | Nod32 Antivirus | 1.0.11 |
| Kaspersky Lab | Kaspersky Anti-Virus | 3.0 |
| Mcafee | Antivirus Engine | 4.3.20 |
| Rav Antivirus | Rav Antivirus Desktop | 8.6 |
| Rav Antivirus | Rav Antivirus For File Servers | 1.0 |
| Rav Antivirus | Rav Antivirus For Mail Servers | 8.4.2 |
| Sophos | Sophos Anti-Virus | 3.4.6 |
| Sophos | Sophos Puremessage Anti-Virus | 4.6 |
| Sophos | Sophos Small Business Suite | 1.0 |
References
- http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp
- http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flas
- http://www.securityfocus.com/bid/11448ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17761
- http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp
- http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flas
- http://www.securityfocus.com/bid/11448ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17761
FAQ
What is CVE-2004-0933?
CVE-2004-0933 is a vulnerability with a CVSS score of 7.5 (HIGH). Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 th...
How severe is CVE-2004-0933?
CVE-2004-0933 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-0933?
Check the references section above for vendor advisories and patch information. Affected products include: Archive Zip Archive Zip, Broadcom Brightstor Arcserve Backup, Broadcom Etrust Antivirus, Broadcom Etrust Antivirus Gateway, Broadcom Etrust Ez Antivirus.