PT-2004-2068 · Perl+1 · Archive/Zip+1

Published: 2004-12-01 · Updated: 2021-04-09 · CVE-2004-1096

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Archive::Zip Perl module versions prior to 1.14
Description: The issue allows remote attackers to bypass antivirus protection by using a compressed file with both local and global headers set to zero. This type of file can still be opened on a target system, despite the headers being set to zero. The problem is particularly relevant when the Archive::Zip Perl module is used by antivirus programs such as amavisd-new.
Recommendations: For Archive::Zip Perl module versions prior to 1.14, update to version 1.14 or later to resolve the issue. As a temporary workaround, consider restricting the handling of compressed files with zero local and global headers to minimize the risk of exploitation.
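
One way to implement the workaround check before an archive reaches the scanner, as an added example (not code from this advisory, Archive::Zip, or amavisd-new). It assumes that "headers set to zero" refers to the uncompressed-size fields of the local file header and the central ("global") directory record, and it covers only stored and deflated entries in non-ZIP64, unencrypted archives.

```python
import struct
import sys
import zlib

EOCD_SIG, CEN_SIG, LOC_SIG = b"PK\x05\x06", b"PK\x01\x02", b"PK\x03\x04"
MAX_OUT = 64 * 1024 * 1024  # cap inflation so the check itself is not a zip-bomb target


def size_mismatches(data):
    """Return (name, header, declared, actual) for each size field that disagrees with the data."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    count, _cd_size, cd_start = struct.unpack_from("<HII", data, eocd + 10)
    pos, findings = cd_start, []
    for _ in range(count):
        if data[pos:pos + 4] != CEN_SIG:
            raise ValueError("bad central directory record")
        (flags, method, _time, _date, _crc, c_csize, c_usize, nlen, xlen, clen,
         _disk, _iattr, _eattr, loc) = struct.unpack_from("<4H3I5H2I", data, pos + 8)
        name = data[pos + 46:pos + 46 + nlen].decode("utf-8", "replace")
        pos += 46 + nlen + xlen + clen
        if data[loc:loc + 4] != LOC_SIG:
            raise ValueError("bad local header for " + name)
        _l_csize, l_usize, l_nlen, l_xlen = struct.unpack_from("<IIHH", data, loc + 18)
        body = data[loc + 30 + l_nlen + l_xlen:cd_start]
        if method == 8:    # deflate: measure what an extractor would actually produce
            inflater = zlib.decompressobj(-15)
            actual = len(inflater.decompress(body, MAX_OUT))
        elif method == 0:  # stored: payload length equals the central compressed size
            actual = c_csize
        else:
            continue       # other compression methods are out of scope here
        declared = [("central", c_usize)]
        if not flags & 0x08:  # bit 3 set: local sizes are legitimately zero (data descriptor)
            declared.append(("local", l_usize))
        findings += [(name, hdr, size, actual) for hdr, size in declared if size != actual]
    return findings


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, size_mismatches(fh.read()))
```

A non-empty result means a header understates or misstates the entry size; such archives can be quarantined rather than passed to a scanner that trusts the header fields.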

Related Identifiers

CVE-2004-1096

Affected Products

Archive/Zip
Kaspersky Anti-Virus