CVE-2004-0937

high

Trellix

CVSS v3 Base Score

7.5

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS Score

13.2%

Exploitation probability in 30 days

Top 6% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: February 9, 2005 (7764 days ago)

Last Modified: April 16, 2026

Vendor: Trellix

Source: NVD

Description

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CWE

NVD-CWE-Other

Affected Products

archive zip archive zipbroadcom brightstor arcserve backupbroadcom etrust antivirusbroadcom etrust antivirus gatewaybroadcom etrust ez antivirusbroadcom etrust ez armorbroadcom etrust intrusion detectionbroadcom etrust secure content managerbroadcom inoculateitca etrust antivirus

References

🔗 www.idefense.com 🔗 www.kb.cert.org 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com 🔗 www.idefense.com

CVE-2004-0937

Vulnerability Report

Description

CWE

Affected Products

References