Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0933

4 documents4 sources
Severity
7.5HIGH
EPSS
30.0%
top 3.34%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
23
Archive ZIP Archive ZIPBroadcom Brightstor Arcserve BackupBroadcom Etrust Antivirus+20 more
Timeline
PublishedJan 27
Latest updateApr 29

Description

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages22 packages

NVDca/etrust_antivirus7.0_sp2
NVDbroadcom/etrust_ez_antivirus6.1, 6.2, 6.3+2

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-2vq2-77wm-755c: Computer Associates (CA) InoculateIT 62022-04-29
CVEList
CVE-2004-0933: Computer Associates (CA) InoculateIT 62004-11-19

💥Exploits & PoCs

1
Exploit-DB
Multiple AntiVirus - '.zip' Detection Bypass2004-11-14