PT-2004-1964 · Microsoft+2 · Windows 95+5

Published

2004-11-19

Updated

2021-04-09

CVE-2004-0937

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Sophos Anti-Virus versions prior to 3.87.0 Sophos Anti-Virus for Windows 95, 98, and Me versions prior to 3.88.0

Description: The issue allows remote attackers to bypass antivirus protection by using a compressed file with both local and global headers set to zero. This does not prevent the compressed file from being opened on a target system.

Recommendations: For Sophos Anti-Virus versions prior to 3.87.0, update to version 3.87.0 or later to resolve the issue. For Sophos Anti-Virus for Windows 95, 98, and Me versions prior to 3.88.0, update to version 3.88.0 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-0937

Affected Products

Kaspersky Anti-Virus

Sophos Anti-Virus

Sophos Anti-Virus For Windows 95

Windows 95

Windows 98

Windows Me

PT-2004-1964 · Microsoft+2 · Windows 95+5

CVE-2004-0937

Related Identifiers

Affected Products

References · 7