Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0934

4 documents4 sources

Severity

7.5HIGH

EPSS

39.9%

top 2.67%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Archive ZIP Archive ZIP Broadcom Brightstor Arcserve Backup Broadcom Etrust Antivirus +20 more

Timeline

PublishedJan 27

Latest updateApr 29

Description

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages22 packages

▶NVDca/etrust_antivirus7.0_sp2

▶NVDmcafee/antivirus_engine4.3.20

▶NVDbroadcom/etrust_antivirus7.0, 7.1+1

▶NVDrav_antivirus/rav_antivirus1.0, 8.4.2+1

▶NVDbroadcom/etrust_ez_antivirus6.1, 6.2, 6.3+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-gwc5-jmr7-4xw5: Kaspersky 3↗2022-04-29

▶

CVEList

CVE-2004-0934: Kaspersky 3↗2004-11-19

▶

💥Exploits & PoCs

Exploit-DB

Multiple AntiVirus - '.zip' Detection Bypass↗2004-11-14

▶