13 matches found
CVE-2004-0935
CVE-2004-0935 affects Eset Anti-Virus prior to 1.020. A ZIP archive with both local and global headers set to zero could bypass antivirus protection and allow a malicious file to be opened on the target system. PoC/proofs of concept code and advisories (e.g., iDEFENSE CAN references) document det...
CVE-2004-0936
CVE-2004-0936 refers to a ZIP header manipulation vulnerability affecting anti-virus engines (notably RAV) where both local and global ZIP headers can be set to zero, allowing a compressed file to bypass protection and still be opened. The connected sources describe a proof-of-concept and public ...
CVE-2004-0937
CVE-2004-0937 affects Sophos Anti-Virus prior to 3.87.0 and Sophos Anti-Virus for Windows 95/98/Me prior to 3.88.0. The issue allows remote attackers to bypass antivirus protection by delivering a ZIP archive whose local and global headers are set to zero, yet the archive can still be opened on t...
CVE-2004-0933
CVE-2004-0933 affects Computer Associates CA InoculateIT 6.0, eTrust Antivirus (r6.0–r7.1), eTrust Antivirus for the Gateway (r7.0–r7.1), eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor (2.0–2.4), and EZ-Antivirus (6.1–6.3). The issue is a ZIP header handling flaw that lets re...
CVE-2004-0932
The CVE-2004-0932 issue affects McAfee Anti-Virus Engine DATS drivers before 4398 (and the DATS Driver before 4397). A crafted ZIP archive with both local and global headers set to zero can bypass antivirus protection and still be opened on the target system. This is a remote-exploitation-style b...
CVE-2004-0934
CVE-2004-0934 affects Kaspersky antivirus engines 3.x through 4.x. The connected material shows a ZIP archive header manipulation vulnerability where both the local and global headers can be set to zero, allowing the compressed file to be opened while bypassing protection. A PoC exists in ZIP han...
CVE-2004-1096
Archive::Zip (Perl) before 1.14 is affected; antivirus tools like amavisd-new can bypass protection by processing a ZIP with both local and global headers zeroed. The description notes the issue but does not specify fixed versions or patches in the provided sources. No exploitation details are gi...
CVE-2005-1693
CVE-2005-1693 involves an integer overflow in the Computer Associates Vet Antivirus library used by CA InoculateIT 6.0, eTrust Antivirus (r6.0–7.1), eTrust Antivirus for the Gateway (r7.0–r7.1), eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup r11.1, Vet Antiv...
CVE-2004-2092
CVE-2004-2092 affects eTrust InoculateIT for Linux 6.0. The issue is insecure permissions on multiple files/directories, including the application’s registry and tmp directories, enabling local users to delete, modify, or inspect sensitive information. Underlying cause: improper access controls o...
CVE-2001-0625
The CVE-2001-0625 issue affects Computer Associates InoculateIT 6.0, where ftpdownload is vulnerable to a local symlink attack on /tmp/ftpdownload.log. This allows a local attacker to overwrite arbitrary files. The vulnerability is triggered by manipulating filesystem paths used by ftpdownload, e...
CVE-1999-1368
Technical details about CVE-1999-1368 are not publicly provided in the supplied documents; no explicit affected products, versions, or remediation are listed. Monitor for updates.
CVE-2004-0267
The CVE-2004-0267 issue affects eTrust InoculateIT for Linux 6.0, where the inoregupdate, uniftest, and unimove scripts allow local users to overwrite arbitrary files via a symlink attack on /tmp. Root cause: local permission/symlink abuse in those scripts. Impact: local users could modify arbitr...
CVE-2002-2285
Vulnerability summary: In eTrust InoculateIT 6.0, enabling the "Incremental Scan" option may certify a file as virus-free before it is fully downloaded, allowing a bypass of virus detection. Affected product/version: eTrust InoculateIT 6.0. Root cause / behavior: premature virus validation during...