Description
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Product(s):
- Archive Zip 1.13
- Broadcom Brightstor ARCserve Backup 11.1
- Broadcom Brightstor ARCserve Backup 11.1 AIX Edition
- Broadcom Brightstor ARCserve Backup 11.1 Linux Edition
- Broadcom Brightstor ARCserve Backup 11.1 Macintosh Edition
- Broadcom Brightstor ARCserve Backup 11.1 Netware Edition
- Broadcom Brightstor ARCserve Backup 11.1 Solaris Edition
- Broadcom Brightstor ARCserve Backup 11.1 Tru64 Edition
- Broadcom Brightstor ARCserve Backup 11.1 Windows Edition
- Broadcom eTrust Antivirus 7.0
- Broadcom eTrust Antivirus 7.1
- Broadcom eTrust Antivirus Gateway 7.0
- Broadcom eTrust Antivirus Gateway 7.1
- Broadcom eTrust EZ Antivirus 6.1
- Broadcom eTrust EZ Antivirus 6.2
- Broadcom eTrust EZ Antivirus 6.3
- Broadcom eTrust EZ Armor 2.0
- Broadcom eTrust EZ Armor 2.3
- Broadcom eTrust EZ Armor 2.4
- Broadcom eTrust Intrusion Detection 1.4.1.13
- Broadcom eTrust Intrusion Detection 1.4.5
- Broadcom eTrust Intrusion Detection 1.5
- Broadcom eTrust Secure Content Manager 1.0
- Broadcom eTrust Secure Content Manager 1.1
- Broadcom InoculateIT 6.0
- CA eTrust Antivirus 7.0 SP2
- CA eTrust Secure Content Manager 1.0 SP1
- ESET NOD32 Antivirus 1.0.11
- ESET Software NOD32 Antivirus 1.0.12
- ESET Software NOD32 Antivirus 1.0.13
- Kaspersky Anti-Virus 3.0
- Kaspersky Lab Kaspersky Anti-Virus 4.0
- Kaspersky Anti-Virus 5.0
- McAfee McAfee Antivirus Engine 4.3.20
- RAV Antivirus RAV Antivirus Desktop 8.6
- RAV Antivirus RAV Antivirus for File Servers 1.0
- RAV Antivirus RAV Antivirus for Mail Servers 8.4.2
- Sophos Sophos Anti-Virus 3.4.6
- Sophos Sophos Anti-Virus 3.78
- Sophos Sophos Anti-Virus 3.78d
- Sophos Sophos Anti-Virus 3.79
- Sophos Sophos Anti-Virus 3.80
- Sophos Sophos Anti-Virus 3.81
- Sophos Sophos Anti-Virus 3.82
- Sophos Sophos Anti-Virus 3.83
- Sophos Sophos Anti-Virus 3.84
- Sophos Sophos Anti-Virus 3.85
- Sophos Sophos Anti-Virus 3.86
- Sophos PureMessage Anti-Virus 4.6
- Sophos Small Business Suite 1.0
- Gentoo Linux
- Gentoo Linux 1.2
- Gentoo Linux 1.4
- Gentoo Linux 1.4 -
- Gentoo Linux 1.4 rc1
- Gentoo Linux 1.4 rc2
- Gentoo Linux 1.4 rc3
- Gentoo Linux 2.1.30 r9
- Gentoo Linux 2.2.28 r7
- Gentoo Linux 2.3.30 r2
- MandrakeSoft Mandrake Linux 10.1
- Mandrakesoft Mandrake Linux 10.1 on x86_64
- SuSE SuSE Linux 9.2
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-0937, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-0937 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.