CVE-2004-0934

2005-01-2705:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

kaspersky

antivirus

bypass

vulnerability

cve-2004-0934

nvd

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.964 High

EPSS

Percentile

99.6%

JSON

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CPENameOperatorVersion
eset_software:nod32_antiviruseset software nod32 antiviruseq1.0.11
kaspersky_lab:kaspersky_anti-viruskaspersky lab kaspersky anti-viruseq4.0
sophos:sophos_small_business_suitesophos sophos small business suiteeq1.0
sophos:sophos_anti-virussophos sophos anti-viruseq3.83
archive_zip:archive_ziparchive zipeq1.13
mcafee:antivirus_enginemcafee antivirus engineeq4.3.20
kaspersky_lab:kaspersky_anti-viruskaspersky lab kaspersky anti-viruseq5.0
ca:etrust_antivirusca etrust antiviruseq7.0_sp2
sophos:sophos_anti-virussophos sophos anti-viruseq3.80
sophos:sophos_anti-virussophos sophos anti-viruseq3.81

CPE	Name	Operator	Version
eset_software:nod32_antivirus	eset software nod32 antivirus	eq	1.0.11
kaspersky_lab:kaspersky_anti-virus	kaspersky lab kaspersky anti-virus	eq	4.0
sophos:sophos_small_business_suite	sophos sophos small business suite	eq	1.0
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	3.83
archive_zip:archive_zip	archive zip	eq	1.13
mcafee:antivirus_engine	mcafee antivirus engine	eq	4.3.20
kaspersky_lab:kaspersky_anti-virus	kaspersky lab kaspersky anti-virus	eq	5.0
ca:etrust_antivirus	ca etrust antivirus	eq	7.0_sp2
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	3.80
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	3.81