{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-10-29T00:00:00", "descriptions": [{"lang": "en", "value": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "13038", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/13038/"}, {"name": "MDKSA-2004:118", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"}, {"name": "antivirus-zip-protection-bypass(17761)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"}, {"name": "VU#492545", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/492545"}, {"name": "11448", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/11448"}, {"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true"}, {"name": "GLSA-200410-31", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-1096", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "13038", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/13038/"}, {"name": "MDKSA-2004:118", "refsource": "MANDRAKE", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"}, {"name": "antivirus-zip-protection-bypass(17761)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"}, {"name": "VU#492545", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/492545"}, {"name": "11448", "refsource": "BID", "url": "http://www.securityfocus.com/bid/11448"}, {"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability", "refsource": "IDEFENSE", "url": "http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true"}, {"name": "GLSA-200410-31", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T00:39:00.876Z"}, "title": "CVE Program Container", "references": [{"name": "13038", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/13038/"}, {"name": "MDKSA-2004:118", "tags": ["vendor-advisory", "x_refsource_MANDRAKE", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"}, {"name": "antivirus-zip-protection-bypass(17761)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"}, {"name": "VU#492545", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/492545"}, {"name": "11448", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/11448"}, {"name": "20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true"}, {"name": "GLSA-200410-31", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-1096", "datePublished": "2004-12-01T05:00:00", "dateReserved": "2004-11-30T00:00:00", "dateUpdated": "2024-08-08T00:39:00.876Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB32FD77-F67F-4D62-B9F1-46F4569ACBEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "8A08C715-A351-466D-99EC-006C106A3366", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "22CF966A-4CF2-4E39-AF54-DD1B0A7B45EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7DD2FE1C-8894-41EC-B686-932F0ACC41C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "B7D938FC-E8E6-4709-BF6D-EF4833AF7D7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "2965C064-ED03-4BBD-B984-827BA9B1B100", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "E6720C0A-9509-4BB1-8E86-8545429D9F97", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C61D9546-7619-465B-B3CA-C60218CD574B", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "95B192C7-1FC3-4D18-A17F-E3414BF56713", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "217ED722-3ECD-47B5-8AB3-E1789675D1C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "511E44CE-86E6-4777-9AEC-9C9A5DA2FAAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "B65AC50D-032F-4D8E-AC46-6AD69AC4B16F", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "18F12F09-BFCC-430B-BDC0-38643E90C10A", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "6F9F9A7A-CC5E-42FD-87F7-4E7473A903D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "69184A5E-4FA9-4896-B6E8-1B9D4D62D099", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "3CAE9329-AA34-4F56-B4BE-B028F021173B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*", "matchCriteriaId": "37BDDF08-C3D9-4714-91CB-F865BBF9FCE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "5005F6FB-8808-4FA0-9EFF-F50A94419E2A", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "38649A99-9442-4D2C-9EB7-4D80D88BCE04", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "7150969B-8948-4CCA-8393-CFFD433B4127", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "C276FE8A-3B0A-45CA-8A54-63A6A8736CEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D956EAC6-33D5-4AAA-8243-3B7F7EB752BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "E9F6F088-C4B7-4329-8749-13F595C35246", "vulnerable": true}, {"criteria": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4929AEC-F64E-4FCE-B052-921E295D5255", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*", "matchCriteriaId": "FA4BA9DA-01B1-4C51-A8B2-DF9804E114B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*", "matchCriteriaId": "8652A87A-8958-442B-A244-709BAB5DF079", "vulnerable": true}, {"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "9637D108-5CE4-4768-9EB2-79C0CAADBA6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "30FC6F7F-B521-422D-8D8F-84D70F8A100A", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "22A1739A-B77D-4CD6-9943-52B336EC2F22", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*", "matchCriteriaId": "40D4EB83-A8A4-48F2-A835-FA192ADB3BFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*", "matchCriteriaId": "1609D51F-41D1-441C-9EA8-3F0510D8ED8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*", "matchCriteriaId": "3ABBFB36-0A7C-45ED-9907-867F31884113", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*", "matchCriteriaId": "23543D87-E4B6-4B74-A490-378D45AA3481", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*", "matchCriteriaId": "E4DBC8E3-0344-413A-8C4A-F48CBAAFAB91", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*", "matchCriteriaId": "28C3AD19-26F4-4AFF-8207-86017509EECC", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*", "matchCriteriaId": "8EFC7217-88A6-4241-8FD9-4B7E2683F696", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*", "matchCriteriaId": "FDC8C9FC-9D35-455D-9597-3B2E63845B10", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*", "matchCriteriaId": "E07255F9-5726-4FDB-81A3-D0D55AD1F709", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*", "matchCriteriaId": "DD1A8D69-0A33-4F47-B1BA-8BC898A3E7EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "1760B35D-15A5-413B-8C04-4A3668821ACD", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "28059D6E-6505-408B-81FE-9B91FC9AE849", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*", "matchCriteriaId": "647BA336-5538-4972-9271-383A0EC9378E", "vulnerable": true}, {"criteria": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "65ED9D8C-604D-4B0B-A192-C0DA4D2E9AEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "3528DABD-B821-4D23-AE12-614A9CA92C46", "vulnerable": true}, {"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*", "matchCriteriaId": "9E661D58-18DF-4CCF-9892-F873618F4535", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "CFF36BC6-6CCD-4FEE-A120-5B8C4BF5620C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system."}, {"lang": "es", "value": "El m\u00f3dulo Perl Archive::Zip anterior a 1.14, cuando se usa en programas antivirus como amavisd-new, permite a atacantes remotos saltarse la protecci\u00f3n del antivirus mediante un ficheros comprimido con cabeceras globales y locales establecido a cero, lo que no impide que el fichero comprimido sea abierto en un sistema objetivo."}], "id": "CVE-2004-1096", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-01-10T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/13038/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/492545"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/11448"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/13038/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/492545"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2004:118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/11448"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}