CVE-2004-0937

First published: Fri Nov 19 2004(Updated: )

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Credit: cve@mitre.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/references
• agent/type
• collector/mitre-cve
• source/MITRE
• agent/severity
• agent/remedy
• agent/weakness
• agent/author
• agent/last-modified-date
• agent/first-publish-date
• agent/description
• agent/event
• agent/source
• agent/softwarecombine
• agent/tags
• collector/nvd-historical
• agent/software-canonical-lookup-request
• collector/nvd-index
• vendor/eset software
• canonical/eset nod32 antivirus
• version/eset nod32 antivirus/1.0.11
• vendor/kaspersky lab
• canonical/kaspersky anti-virus
• version/kaspersky anti-virus/4.0
• vendor/sophos
• canonical/sophos small business suite
• version/sophos small business suite/1.0
• canonical/sophos anti-virus
• version/sophos anti-virus/3.83
• vendor/archive zip
• canonical/perl archive::zip
• version/perl archive::zip/1.13
• vendor/mcafee
• canonical/mcafee anti-malware scan engine
• version/mcafee anti-malware scan engine/4.3.20
• version/kaspersky anti-virus/5.0
• vendor/ca
• canonical/broadcom etrust antivirus
• version/broadcom etrust antivirus/7.0_sp2
• version/sophos anti-virus/3.80
• version/sophos anti-virus/3.81
• version/eset nod32 antivirus/1.0.12
• version/sophos anti-virus/3.86
• version/sophos anti-virus/3.78
• vendor/rav antivirus
• canonical/rav antivirus desktop
• version/rav antivirus desktop/8.6
• canonical/rav antivirus for mail servers
• version/rav antivirus for mail servers/8.4.2
• canonical/rav antivirus for file servers
• version/rav antivirus for file servers/1.0
• version/sophos anti-virus/3.82
• version/sophos anti-virus/3.79
• canonical/sophos puremessage anti-virus
• version/sophos puremessage anti-virus/4.6
• version/sophos anti-virus/3.78d
• version/sophos anti-virus/3.4.6
• canonical/broadcom secure content manager
• version/broadcom secure content manager/1.0-sp1
• version/eset nod32 antivirus/1.0.13
• version/sophos anti-virus/3.84
• version/kaspersky anti-virus/3.0
• version/sophos anti-virus/3.85
• vendor/broadcom
• canonical/ca brightstor arcserve backup
• version/ca brightstor arcserve backup/11.1
• version/broadcom etrust antivirus/7.0
• version/broadcom etrust antivirus/7.1
• canonical/ca etrust anti-virus gateway
• version/ca etrust anti-virus gateway/7.0
• version/ca etrust anti-virus gateway/7.1
• canonical/broadcom etrust ez antivirus
• version/broadcom etrust ez antivirus/6.1
• version/broadcom etrust ez antivirus/6.2
• version/broadcom etrust ez antivirus/6.3
• canonical/broadcom etrust ez armor
• version/broadcom etrust ez armor/2.0
• version/broadcom etrust ez armor/2.3
• version/broadcom etrust ez armor/2.4
• canonical/broadcom etrust intrusion detection
• version/broadcom etrust intrusion detection/1.4.1.13
• version/broadcom etrust intrusion detection/1.4.5
• version/broadcom etrust intrusion detection/1.5
• version/broadcom secure content manager/1.0
• version/broadcom secure content manager/1.1
• canonical/inoculateit
• version/inoculateit/6.0
• vendor/suse
• canonical/suse linux
• version/suse linux/9.2
• vendor/mandrakesoft
• canonical/mandrake linux
• version/mandrake linux/10.1
• vendor/gentoo
• canonical/gentoo linux
• version/gentoo linux/1.4