CVE-2004-1096

Description

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Affected products

• Broadcom / brightstor_arcserve_backup11.1 – 11.1
• Broadcom / etrust_antivirus7.1 – 7.1
• Broadcom / etrust_antivirus7.0 – 7.0
• Broadcom / etrust_antivirus_gateway7.0 – 7.0
• Broadcom / etrust_antivirus_gateway7.1 – 7.1
• Broadcom / etrust_ez_antivirus6.1 – 6.1
• Broadcom / etrust_ez_antivirus6.2 – 6.2
• Broadcom / etrust_ez_antivirus6.3 – 6.3
• Broadcom / etrust_ez_armor2.0 – 2.0
• Broadcom / etrust_ez_armor2.3 – 2.3
• Broadcom / etrust_ez_armor2.4 – 2.4
• Broadcom / etrust_intrusion_detection1.4.1.13 – 1.4.1.13
• Broadcom / etrust_intrusion_detection1.4.5 – 1.4.5
• Broadcom / etrust_intrusion_detection1.5 – 1.5
• Broadcom / etrust_secure_content_manager1.0 – 1.0
• Broadcom / etrust_secure_content_manager1.1 – 1.1
• Broadcom / inoculateit6.0 – 6.0
• ca / etrust_antivirus7.0_sp2 – 7.0_sp2
• ca / etrust_secure_content_manager1.0 – 1.0
• eset_software / nod32_antivirus1.0.11 – 1.0.11
• eset_software / nod32_antivirus1.0.12 – 1.0.12
• eset_software / nod32_antivirus1.0.13 – 1.0.13
• gentoo / linux1.4 – 1.4
• gentoo / linux
• Kaspersky Lab / kaspersky_anti-virus4.0 – 4.0
• Kaspersky Lab / kaspersky_anti-virus3.0 – 3.0
• Kaspersky Lab / kaspersky_anti-virus5.0 – 5.0
• mandrakesoft / mandrake_linux10.1 – 10.1
• mandrakesoft / mandrake_linux10.1 – 10.1
• McAfee / antivirus_engine4.3.20 – 4.3.20
• rav_antivirus / rav_antivirus_desktop8.6 – 8.6
• rav_antivirus / rav_antivirus_for_file_servers1.0 – 1.0
• rav_antivirus / rav_antivirus_for_mail_servers8.4.2 – 8.4.2
• Sophos / sophos_anti-virus3.81 – 3.81
• Sophos / sophos_anti-virus3.82 – 3.82
• Sophos / sophos_anti-virus3.83 – 3.83
• Sophos / sophos_anti-virus3.85 – 3.85
• Sophos / sophos_anti-virus3.86 – 3.86
• Sophos / sophos_anti-virus3.84 – 3.84
• Sophos / sophos_anti-virus3.4.6 – 3.4.6
• Sophos / sophos_anti-virus3.78 – 3.78
• Sophos / sophos_anti-virus3.78d – 3.78d
• Sophos / sophos_anti-virus3.79 – 3.79
• Sophos / sophos_anti-virus3.80 – 3.80
• Sophos / sophos_puremessage_anti-virus4.6 – 4.6
• Sophos / sophos_small_business_suite1.0 – 1.0
• SUSE / suse_linux9.2 – 9.2

References

• VENDOR_ADVISORYhttp://secunia.com/advisories/13038/
• VENDOR_ADVISORYhttp://www.mandriva.com/security/advisories?name=MDKSA-2004:118
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/17761
• MISChttp://www.kb.cert.org/vuls/id/492545
• MISChttp://www.securityfocus.com/bid/11448
• MISChttp://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true
• MISChttp://www.gentoo.org/security/en/glsa/glsa-200410-31.xml