Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0932

4 documents4 sources

Severity

7.5HIGH

EPSS

43.6%

top 2.48%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Archive ZIP Archive ZIP Broadcom Brightstor Arcserve Backup Broadcom Etrust Antivirus +20 more

Timeline

PublishedJan 27

Latest updateApr 29

Description

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages22 packages

▶NVDmcafee/antivirus_engine4.3.20

▶NVDca/etrust_antivirus7.0_sp2

▶NVDbroadcom/etrust_antivirus7.0, 7.1+1

▶NVDrav_antivirus/rav_antivirus1.0, 8.4.2+1

▶NVDbroadcom/etrust_ez_antivirus6.1, 6.2, 6.3+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-64cg-gc22-5wq3: McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to by↗2022-04-29

▶

CVEList

CVE-2004-0932: McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to by↗2004-11-19

▶

💥Exploits & PoCs

Exploit-DB

Multiple AntiVirus - '.zip' Detection Bypass↗2004-11-14

▶