CVE-2004-2305 — Etrust Antivirus EE vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.3%

top 44.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Broadcom Etrust Antivirus EE

Timeline

PublishedDec 31

Latest updateApr 29

Description

Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote attackers to bypass virus scanning by including a password-protected file in a ZIP file, which causes eTrust to scan only the password protected file and skip the other files.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDbroadcom/etrust_antivirus_ee6.0, 7.0+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securitytracker.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-gv3f-qf88-98jx: Computer Associates eTrust Antivirus EE 6↗2022-04-29

▶

CVEList

CVE-2004-2305: Computer Associates eTrust Antivirus EE 6↗2005-08-16

▶