Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    201 vulnerabilities by ESET

    CVE-2025-13818 (GCVE-0-2025-13818)

    Vulnerability from nvd – Published: 2026-02-06 13:13 – Updated: 2026-02-06 14:25
    VLAI
    Title
    Local privilege escalation in ESET Management Agent for Windows
    Summary
    Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    Impacted products
    Vendor Product Version
    ESET spol s.r.o. ESET Management Agent Affected: 0 , ≤ 12.5.2104.0 (custom)
    Create a notification for this product.
    Date Public
    2026-02-06 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13818",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-06T14:23:49.218691Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-06T14:25:02.493Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "ESET Management Agent",
              "vendor": "ESET spol s.r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "12.5.2104.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2026-02-06T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent"
                }
              ],
              "value": "Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-367",
                  "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-06T13:13:47.046Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8913-eset-customer-advisory-local-privilege-escalation-via-insecure-temporary-batch-file-execution-in-eset-management-agent-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8913",
            "discovery": "UNKNOWN"
          },
          "title": "Local privilege escalation in ESET Management Agent for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2025-13818",
        "datePublished": "2026-02-06T13:13:47.046Z",
        "dateReserved": "2025-12-01T07:56:48.667Z",
        "dateUpdated": "2026-02-06T14:25:02.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4952 (GCVE-0-2025-4952)

    Vulnerability from nvd – Published: 2025-10-31 12:28 – Updated: 2025-10-31 14:18
    VLAI
    Title
    Denial-of-service vulnerability in ESET security products for Windows
    Summary
    Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Date Public
    2025-08-22 10:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T14:18:06.194469Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T14:18:16.911Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "hips"
              ],
              "platforms": [
                "Windows"
              ],
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Internet Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Smart Security Premium",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security Ultimate",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Small Business Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Safe Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2025-08-22T10:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
                }
              ],
              "value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-203",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-203 Manipulate Registry Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T12:28:15.267Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8853",
            "discovery": "UNKNOWN"
          },
          "title": "Denial-of-service vulnerability in ESET security products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2025-4952",
        "datePublished": "2025-10-31T12:28:15.267Z",
        "dateReserved": "2025-05-19T10:36:38.958Z",
        "dateUpdated": "2025-10-31T14:18:16.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-3779 (GCVE-0-2024-3779)

    Vulnerability from nvd – Published: 2024-07-16 08:17 – Updated: 2024-08-01 20:20
    VLAI
    Title
    Denial of Service in ESET products for Windows
    Summary
    Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Date Public
    2024-07-12 10:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3779",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T13:10:29.360811Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-16T13:10:35.421Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:20:01.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8688"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Internet Security",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Smart Security Premium",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security Ultimate",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Antivirus for Windows",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2044.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2044.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.12011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.10005.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.15002.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-07-12T10:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET\u2019s security product inoperable, provided non-default preconditions were met."
                }
              ],
              "value": "Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET\u2019s security product inoperable, provided non-default preconditions were met."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-578",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-578 Disable Security Software"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-16T08:17:59.962Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8688"
            }
          ],
          "source": {
            "advisory": "ca8688",
            "discovery": "UNKNOWN"
          },
          "title": "Denial of Service in ESET products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2024-3779",
        "datePublished": "2024-07-16T08:17:59.962Z",
        "dateReserved": "2024-04-15T07:03:57.841Z",
        "dateUpdated": "2024-08-01T20:20:01.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0353 (GCVE-0-2024-0353)

    Vulnerability from nvd – Published: 2024-02-15 07:40 – Updated: 2025-12-10 19:33
    VLAI
    Title
    Local privilege escalation in Windows products
    Summary
    Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    ESET, spol. s r.o. ESET NOD32 Antivirus Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Internet Security Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Smart Security Premium Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Security Ultimate Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Endpoint Antivirus for Windows Affected: 0 , ≤ 10.1.2058.0 (custom)
    Affected: 0 , ≤ 10.0.2049.0 (custom)
    Affected: 0 , ≤ 9.1.2066.0 (custom)
    Affected: 0 , ≤ 8.1.2052.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Endpoint Security for Windows Affected: 0 , ≤ 10.1.2058.0 (custom)
    Affected: 0 , ≤ 10.0.2049.0 (custom)
    Affected: 0 , ≤ 9.1.2066.0 (custom)
    Affected: 0 , ≤ 8.1.2052.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Server Security for Windows Server Affected: 0 , ≤ 10.0.12014.0 (custom)
    Affected: 0 , ≤ 9.0.12018.0 (custom)
    Affected: 0 , ≤ 8.0.12015.0 (custom)
    Affected: 0 , ≤ 7.3.12011.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server Affected: 0 , ≤ 10.1.10010.0 (custom)
    Affected: 0 , ≤ 10.0.10017.0 (custom)
    Affected: 0 , ≤ 9.0.10011.0 (custom)
    Affected: 0 , ≤ 8.0.10022.0 (custom)
    Affected: 0 , ≤ 7.3.10014.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Mail Security for IBM Domino Affected: 0 , ≤ 10.0.14006.0 (custom)
    Affected: 0 , ≤ 9.0.14007.0 (custom)
    Affected: 0 , ≤ 8.0.14010.0 (custom)
    Affected: 0 , ≤ 7.3.14004.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server Affected: 0 , ≤ 10.0.15004.0 (custom)
    Affected: 0 , ≤ 9.0.15005.0 (custom)
    Affected: 0 , ≤ 8.0.15011.0 (custom)
    Affected: 0 , ≤ 7.3.15004.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET File Security for Microsoft Azure Affected: 0 , ≤ all versions (custom)
    Create a notification for this product.
    eset nod32_antivirus Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset internet_security Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset smart_security_premium Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:smart_security_premium:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset security_ultimate Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:security_ultimate:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset endpoint_antivirus Affected: 0 , ≤ 10.1.2058.0 (custom)
        cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*
    Create a notification for this product.
    eset endpoint_security Affected: 0 , ≤ 10.1.2058.0 (custom)
        cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*
    Create a notification for this product.
    eset server_security Affected: 0 , ≤ 10.0.12014.0 (custom)
        cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*
    Create a notification for this product.
    eset mail_security Affected: 0 , ≤ 10.1.10010.0 (custom)
        cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*
    Create a notification for this product.
    eset mail_security Affected: 0 , ≤ 10.0.14006.0 (custom)
        cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*
    Create a notification for this product.
    eset security Affected: 0 , ≤ 10.0.15004.0 (custom)
        cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*
    Create a notification for this product.
    eset file_security Affected: 0 , ≤ * (custom)
        cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*
    Create a notification for this product.
    Date Public
    2024-02-14 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-12-10T19:33:58.732Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://packetstormsecurity.com/files/182464/ESET-NOD32-Antivirus-18.0.12.0-Unquoted-Service-Path.html"
              },
              {
                "url": "https://packetstormsecurity.com/files/179495/ESET-NOD32-Antivirus-17.2.7.0-Unquoted-Service-Path.html"
              },
              {
                "url": "https://www.exploit-db.com/exploits/51351"
              },
              {
                "url": "https://www.exploit-db.com/exploits/51964"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nod32_antivirus",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "internet_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:smart_security_premium:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "smart_security_premium",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:security_ultimate:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "security_ultimate",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "endpoint_antivirus",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.1.2058.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "endpoint_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.1.2058.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "server_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.0.12014.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.1.10010.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.0.14006.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.0.15004.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "file_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-20T19:22:48.853538Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-20T19:53:00.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Internet Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Smart Security Premium",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security Ultimate",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Antivirus for Windows",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2058.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.2049.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.1.2066.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.2052.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2058.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.2049.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.1.2066.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.2052.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.12014.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.12018.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.12015.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.12011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.10010.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.10017.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.10011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.10022.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.10014.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.14006.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.14007.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.14010.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.14004.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.15004.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.15005.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.15011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.15004.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "all versions",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-02-14T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET\u2019s file operations to delete files without having proper permission."
                }
              ],
              "value": "Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET\u2019s file operations to delete files without having proper permission."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-15T07:40:24.786Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8612",
            "discovery": "UNKNOWN"
          },
          "title": "Local privilege escalation in Windows products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2024-0353",
        "datePublished": "2024-02-15T07:40:24.786Z",
        "dateReserved": "2024-01-09T14:21:58.755Z",
        "dateUpdated": "2025-12-10T19:33:58.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-7043 (GCVE-0-2023-7043)

    Vulnerability from nvd – Published: 2024-01-31 12:51 – Updated: 2024-10-17 17:54
    VLAI
    Title
    Unquoted path privilege vulnerability in ESET products for Windows
    Summary
    Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-428 - Unquoted Search Path or Element
    Assigner
    References
    Date Public
    2024-01-26 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:50:07.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8602"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-7043",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-31T15:52:23.258496Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-17T17:54:28.120Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2063.x",
                  "status": "affected",
                  "version": "10.1.2046.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2063.x",
                  "status": "affected",
                  "version": "10.1.2046.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "16.1.14.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Internet Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "16.1.14.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Smart Security Premium",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "16.1.14.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.1.10012.0"
                }
              ]
            }
          ],
          "datePublic": "2024-01-26T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unquoted service path in ESET products allows to \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edrop a prepared program to a specific location\u003c/span\u003e\u0026nbsp;and\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003erun on boot with \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe \n\nNT AUTHORITY\\NetworkService\u0026nbsp;permissions.\u003c/span\u003e"
                }
              ],
              "value": "Unquoted service path in ESET products allows to \n\ndrop a prepared program to a specific location\u00a0and\u00a0run on boot with the \n\nNT AUTHORITY\\NetworkService\u00a0permissions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-428",
                  "description": "CWE-428 Unquoted Search Path or Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-31T12:52:10.301Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8602"
            }
          ],
          "source": {
            "advisory": "ca8602",
            "discovery": "UNKNOWN"
          },
          "title": "Unquoted path privilege vulnerability in ESET products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2023-7043",
        "datePublished": "2024-01-31T12:51:38.253Z",
        "dateReserved": "2023-12-21T12:14:56.731Z",
        "dateUpdated": "2024-10-17T17:54:28.120Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5594 (GCVE-0-2023-5594)

    Vulnerability from nvd – Published: 2023-12-21 11:30 – Updated: 2024-08-02 08:07
    VLAI
    Title
    Improper following of a certificate's chain of trust in ESET security products
    Summary
    Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Date Public
    2023-12-20 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:07:32.481Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Internet Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Smart Security Premium",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Security Ultimate",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Endpoint Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Endpoint Antivirus for Linux 10.0 and above",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Server Security for Linux 10.1 and above ",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            }
          ],
          "datePublic": "2023-12-20T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of the server\u2019s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted."
                }
              ],
              "value": "Improper validation of the server\u2019s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-94",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-94 Man in the Middle Attack"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-21T11:30:41.256Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed"
            }
          ],
          "source": {
            "advisory": "ca8562",
            "discovery": "UNKNOWN"
          },
          "title": "Improper following of a certificate\u0027s chain of trust\u202fin ESET security products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2023-5594",
        "datePublished": "2023-12-21T11:30:41.256Z",
        "dateReserved": "2023-10-16T08:12:50.985Z",
        "dateUpdated": "2024-08-02T08:07:32.481Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-13818 (GCVE-0-2025-13818)

    Vulnerability from cvelistv5 – Published: 2026-02-06 13:13 – Updated: 2026-02-06 14:25
    VLAI
    Title
    Local privilege escalation in ESET Management Agent for Windows
    Summary
    Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
    Assigner
    Impacted products
    Vendor Product Version
    ESET spol s.r.o. ESET Management Agent Affected: 0 , ≤ 12.5.2104.0 (custom)
    Create a notification for this product.
    Date Public
    2026-02-06 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13818",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-06T14:23:49.218691Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-06T14:25:02.493Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "ESET Management Agent",
              "vendor": "ESET spol s.r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "12.5.2104.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2026-02-06T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent"
                }
              ],
              "value": "Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-367",
                  "description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-06T13:13:47.046Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8913-eset-customer-advisory-local-privilege-escalation-via-insecure-temporary-batch-file-execution-in-eset-management-agent-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8913",
            "discovery": "UNKNOWN"
          },
          "title": "Local privilege escalation in ESET Management Agent for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2025-13818",
        "datePublished": "2026-02-06T13:13:47.046Z",
        "dateReserved": "2025-12-01T07:56:48.667Z",
        "dateUpdated": "2026-02-06T14:25:02.493Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4952 (GCVE-0-2025-4952)

    Vulnerability from cvelistv5 – Published: 2025-10-31 12:28 – Updated: 2025-10-31 14:18
    VLAI
    Title
    Denial-of-service vulnerability in ESET security products for Windows
    Summary
    Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-732 - Incorrect Permission Assignment for Critical Resource
    Assigner
    Date Public
    2025-08-22 10:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4952",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-10-31T14:18:06.194469Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-31T14:18:16.911Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "hips"
              ],
              "platforms": [
                "Windows"
              ],
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Internet Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Smart Security Premium",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security Ultimate",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Small Business Security",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Safe Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "HIPS support module"
              ],
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1496",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_nod32_antivirus:1496:*:windows:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_internet_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_smart_security_premium:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_ultimate:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_small_business_security:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_safe_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_antivirus:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_endpoint_security_for_windows:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_server_security_for_windows_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_microsoft_exchange_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_mail_security_for_ibm_domino:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_security_for_microsoft_sharepoint_server:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                },
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:eset:eset_file_security_for_microsoft_azure:1496:*:*:*:*:*:*:*",
                      "vulnerable": false
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "datePublic": "2025-08-22T10:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eTampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration.\u003c/span\u003e"
                }
              ],
              "value": "Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product\u0027s configuration."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-203",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-203 Manipulate Registry Information"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-732",
                  "description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-10-31T12:28:15.267Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8853-eset-customer-advisory-denial-of-service-vulnerability-in-eset-security-products-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8853",
            "discovery": "UNKNOWN"
          },
          "title": "Denial-of-service vulnerability in ESET security products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2025-4952",
        "datePublished": "2025-10-31T12:28:15.267Z",
        "dateReserved": "2025-05-19T10:36:38.958Z",
        "dateUpdated": "2025-10-31T14:18:16.911Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-3779 (GCVE-0-2024-3779)

    Vulnerability from cvelistv5 – Published: 2024-07-16 08:17 – Updated: 2024-08-01 20:20
    VLAI
    Title
    Denial of Service in ESET products for Windows
    Summary
    Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET’s security product inoperable, provided non-default preconditions were met.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Date Public
    2024-07-12 10:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-3779",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-07-16T13:10:29.360811Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-07-16T13:10:35.421Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T20:20:01.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8688"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Internet Security",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Smart Security Premium",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security Ultimate",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "17.1.13.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Antivirus for Windows",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2044.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.2044.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.12011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.10005.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET s.r.o",
              "versions": [
                {
                  "lessThanOrEqual": "11.0.15002.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-07-12T10:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET\u2019s security product inoperable, provided non-default preconditions were met."
                }
              ],
              "value": "Denial of service vulnerability present shortly after product installation or upgrade, potentially allowed an attacker to render ESET\u2019s security product inoperable, provided non-default preconditions were met."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-578",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-578 Disable Security Software"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276 Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-16T08:17:59.962Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8688"
            }
          ],
          "source": {
            "advisory": "ca8688",
            "discovery": "UNKNOWN"
          },
          "title": "Denial of Service in ESET products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2024-3779",
        "datePublished": "2024-07-16T08:17:59.962Z",
        "dateReserved": "2024-04-15T07:03:57.841Z",
        "dateUpdated": "2024-08-01T20:20:01.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-0353 (GCVE-0-2024-0353)

    Vulnerability from cvelistv5 – Published: 2024-02-15 07:40 – Updated: 2025-12-10 19:33
    VLAI
    Title
    Local privilege escalation in Windows products
    Summary
    Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET’s file operations to delete files without having proper permission.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    ESET, spol. s r.o. ESET NOD32 Antivirus Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Internet Security Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Smart Security Premium Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Security Ultimate Affected: 0 , ≤ 16.2.15.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Endpoint Antivirus for Windows Affected: 0 , ≤ 10.1.2058.0 (custom)
    Affected: 0 , ≤ 10.0.2049.0 (custom)
    Affected: 0 , ≤ 9.1.2066.0 (custom)
    Affected: 0 , ≤ 8.1.2052.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Endpoint Security for Windows Affected: 0 , ≤ 10.1.2058.0 (custom)
    Affected: 0 , ≤ 10.0.2049.0 (custom)
    Affected: 0 , ≤ 9.1.2066.0 (custom)
    Affected: 0 , ≤ 8.1.2052.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Server Security for Windows Server Affected: 0 , ≤ 10.0.12014.0 (custom)
    Affected: 0 , ≤ 9.0.12018.0 (custom)
    Affected: 0 , ≤ 8.0.12015.0 (custom)
    Affected: 0 , ≤ 7.3.12011.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Mail Security for Microsoft Exchange Server Affected: 0 , ≤ 10.1.10010.0 (custom)
    Affected: 0 , ≤ 10.0.10017.0 (custom)
    Affected: 0 , ≤ 9.0.10011.0 (custom)
    Affected: 0 , ≤ 8.0.10022.0 (custom)
    Affected: 0 , ≤ 7.3.10014.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Mail Security for IBM Domino Affected: 0 , ≤ 10.0.14006.0 (custom)
    Affected: 0 , ≤ 9.0.14007.0 (custom)
    Affected: 0 , ≤ 8.0.14010.0 (custom)
    Affected: 0 , ≤ 7.3.14004.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET Security for Microsoft SharePoint Server Affected: 0 , ≤ 10.0.15004.0 (custom)
    Affected: 0 , ≤ 9.0.15005.0 (custom)
    Affected: 0 , ≤ 8.0.15011.0 (custom)
    Affected: 0 , ≤ 7.3.15004.0 (custom)
    Create a notification for this product.
    ESET, spol. s r.o. ESET File Security for Microsoft Azure Affected: 0 , ≤ all versions (custom)
    Create a notification for this product.
    eset nod32_antivirus Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset internet_security Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset smart_security_premium Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:smart_security_premium:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset security_ultimate Affected: 0 , ≤ 16.2.15.0 (custom)
        cpe:2.3:a:eset:security_ultimate:*:*:*:*:*:*:*:*
    Create a notification for this product.
    eset endpoint_antivirus Affected: 0 , ≤ 10.1.2058.0 (custom)
        cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*
    Create a notification for this product.
    eset endpoint_security Affected: 0 , ≤ 10.1.2058.0 (custom)
        cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*
    Create a notification for this product.
    eset server_security Affected: 0 , ≤ 10.0.12014.0 (custom)
        cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*
    Create a notification for this product.
    eset mail_security Affected: 0 , ≤ 10.1.10010.0 (custom)
        cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*
    Create a notification for this product.
    eset mail_security Affected: 0 , ≤ 10.0.14006.0 (custom)
        cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*
    Create a notification for this product.
    eset security Affected: 0 , ≤ 10.0.15004.0 (custom)
        cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*
    Create a notification for this product.
    eset file_security Affected: 0 , ≤ * (custom)
        cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*
    Create a notification for this product.
    Date Public
    2024-02-14 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-12-10T19:33:58.732Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://packetstormsecurity.com/files/182464/ESET-NOD32-Antivirus-18.0.12.0-Unquoted-Service-Path.html"
              },
              {
                "url": "https://packetstormsecurity.com/files/179495/ESET-NOD32-Antivirus-17.2.7.0-Unquoted-Service-Path.html"
              },
              {
                "url": "https://www.exploit-db.com/exploits/51351"
              },
              {
                "url": "https://www.exploit-db.com/exploits/51964"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:eset:nod32_antivirus:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "nod32_antivirus",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:internet_security:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "internet_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:smart_security_premium:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "smart_security_premium",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:security_ultimate:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "security_ultimate",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "16.2.15.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:endpoint_antivirus:-:*:*:*:*:windows:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "endpoint_antivirus",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.1.2058.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:endpoint_security:-:*:*:*:*:windows:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "endpoint_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.1.2058.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:server_security:-:*:*:*:*:windows_server:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "server_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.0.12014.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:mail_security:-:*:*:*:*:exchange_server:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.1.10010.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:mail_security:-:*:*:*:*:domino:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "mail_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.0.14006.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:security:-:*:*:*:*:sharepoint_server:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "10.0.15004.0",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:a:eset:file_security:-:*:*:*:*:azure:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "file_security",
                "vendor": "eset",
                "versions": [
                  {
                    "lessThanOrEqual": "*",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-0353",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-20T19:22:48.853538Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-08-20T19:53:00.534Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Internet Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Smart Security Premium",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security Ultimate",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Antivirus for Windows",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2058.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.2049.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.1.2066.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.2052.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Security for Windows",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2058.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.2049.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.1.2066.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.1.2052.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.12014.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.12018.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.12015.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.12011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.10010.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "10.0.10017.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.10011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.10022.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.10014.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.14006.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.14007.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.14010.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.14004.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.0.15004.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.0.15005.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "8.0.15011.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "7.3.15004.0",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "all versions",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-02-14T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET\u2019s file operations to delete files without having proper permission."
                }
              ],
              "value": "Local privilege escalation vulnerability potentially allowed an attacker to misuse ESET\u2019s file operations to delete files without having proper permission."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-02-15T07:40:24.786Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed"
            }
          ],
          "source": {
            "advisory": "ca8612",
            "discovery": "UNKNOWN"
          },
          "title": "Local privilege escalation in Windows products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2024-0353",
        "datePublished": "2024-02-15T07:40:24.786Z",
        "dateReserved": "2024-01-09T14:21:58.755Z",
        "dateUpdated": "2025-12-10T19:33:58.732Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2023-7043 (GCVE-0-2023-7043)

    Vulnerability from cvelistv5 – Published: 2024-01-31 12:51 – Updated: 2024-10-17 17:54
    VLAI
    Title
    Unquoted path privilege vulnerability in ESET products for Windows
    Summary
    Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-428 - Unquoted Search Path or Element
    Assigner
    References
    Date Public
    2024-01-26 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:50:07.939Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8602"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-7043",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-01-31T15:52:23.258496Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-17T17:54:28.120Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2063.x",
                  "status": "affected",
                  "version": "10.1.2046.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "10.1.2063.x",
                  "status": "affected",
                  "version": "10.1.2046.x",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "16.1.14.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Internet Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "16.1.14.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Smart Security Premium",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "lessThanOrEqual": "16.2.15.0",
                  "status": "affected",
                  "version": "16.1.14.0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.1.10012.0"
                }
              ]
            }
          ],
          "datePublic": "2024-01-26T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Unquoted service path in ESET products allows to \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003edrop a prepared program to a specific location\u003c/span\u003e\u0026nbsp;and\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003erun on boot with \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe \n\nNT AUTHORITY\\NetworkService\u0026nbsp;permissions.\u003c/span\u003e"
                }
              ],
              "value": "Unquoted service path in ESET products allows to \n\ndrop a prepared program to a specific location\u00a0and\u00a0run on boot with the \n\nNT AUTHORITY\\NetworkService\u00a0permissions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-428",
                  "description": "CWE-428 Unquoted Search Path or Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-01-31T12:52:10.301Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8602"
            }
          ],
          "source": {
            "advisory": "ca8602",
            "discovery": "UNKNOWN"
          },
          "title": "Unquoted path privilege vulnerability in ESET products for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2023-7043",
        "datePublished": "2024-01-31T12:51:38.253Z",
        "dateReserved": "2023-12-21T12:14:56.731Z",
        "dateUpdated": "2024-10-17T17:54:28.120Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-5594 (GCVE-0-2023-5594)

    Vulnerability from cvelistv5 – Published: 2023-12-21 11:30 – Updated: 2024-08-02 08:07
    VLAI
    Title
    Improper following of a certificate's chain of trust in ESET security products
    Summary
    Improper validation of the server’s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted.
    CWE
    • CWE-295 - Improper Certificate Validation
    Assigner
    Date Public
    2023-12-20 11:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T08:07:32.481Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET NOD32 Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Internet Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Smart Security Premium",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Security Ultimate",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Endpoint Antivirus",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Endpoint Security",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Endpoint Antivirus for Linux 10.0 and above",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Server Security for Windows Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Mail Security for Microsoft Exchange Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Mail Security for IBM Domino",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Security for Microsoft SharePoint Server",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET File Security for Microsoft Azure",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "modules": [
                "Internet protection module"
              ],
              "product": "ESET Server Security for Linux 10.1 and above ",
              "vendor": "ESET, spol. s r.o.",
              "versions": [
                {
                  "status": "unaffected",
                  "version": "1464"
                }
              ]
            }
          ],
          "datePublic": "2023-12-20T11:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Improper validation of the server\u2019s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted."
                }
              ],
              "value": "Improper validation of the server\u2019s certificate chain in secure traffic scanning feature considered intermediate certificate signed using the MD5 or SHA1 algorithm as trusted."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-94",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-94 Man in the Middle Attack"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-295",
                  "description": "CWE-295 Improper Certificate Validation",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-21T11:30:41.256Z",
            "orgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
            "shortName": "ESET"
          },
          "references": [
            {
              "url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed"
            }
          ],
          "source": {
            "advisory": "ca8562",
            "discovery": "UNKNOWN"
          },
          "title": "Improper following of a certificate\u0027s chain of trust\u202fin ESET security products",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "4a9b9929-2450-4021-b7b9-469a0255b215",
        "assignerShortName": "ESET",
        "cveId": "CVE-2023-5594",
        "datePublished": "2023-12-21T11:30:41.256Z",
        "dateReserved": "2023-10-16T08:12:50.985Z",
        "dateUpdated": "2024-08-02T08:07:32.481Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CERTFR-2026-AVI-0111

    Vulnerability from certfr_avis - Published: 2026-02-02 - Updated: 2026-02-02

    Une vulnérabilité a été découverte dans ESET Inspect Connector. Elle permet à un attaquant de provoquer une élévation de privilèges.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ESET Inspect Connector Inspect Connector versions antérieures à 3.0.5765 sur Windows
    References
    Bulletin de sécurité ESET ca8910 2026-01-30 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Inspect Connector versions ant\u00e9rieures \u00e0 3.0.5765 sur Windows",
          "product": {
            "name": "Inspect Connector",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-13176",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-13176"
        }
      ],
      "initial_release_date": "2026-02-02T00:00:00",
      "last_revision_date": "2026-02-02T00:00:00",
      "links": [],
      "reference": "CERTFR-2026-AVI-0111",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2026-02-02T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans ESET Inspect Connector. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
      "title": "Vuln\u00e9rabilit\u00e9 dans ESET Inspect Connector",
      "vendor_advisories": [
        {
          "published_at": "2026-01-30",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8910",
          "url": "https://support-feed.eset.com/link/15370/17266505/ca8910"
        }
      ]
    }

    CERTFR-2025-AVI-0727

    Vulnerability from certfr_avis - Published: - Updated:

    De multiples vulnérabilités ont été découvertes dans les produits ESET. Elles permettent à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié par l'éditeur.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ESET Server Security Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) sans le dernier correctif de sécurité
    ESET Mail Security Mail Security pour Microsoft Exchange Server sans le dernier correctif de sécurité
    ESET File Security File Security pour Microsoft Azure sans le dernier correctif de sécurité
    ESET PROTECT On-Prem PROTECT On-Prem versions 12.1.x antérieures à 12.1.11.0
    ESET Security Ultimate Security Ultimate sans le dernier correctif de sécurité
    ESET Endpoint Antivirus Endpoint Antivirus pour Windows sans le dernier correctif de sécurité
    ESET Endpoint Security Endpoint Security pour Windows sans le dernier correctif de sécurité
    ESET Security Security pour Microsoft SharePoint Server sans le dernier correctif de sécurité
    ESET Safe Server Safe Server sans le dernier correctif de sécurité
    ESET Small Business Security Small Business Security sans le dernier correctif de sécurité
    ESET PROTECT On-Prem PROTECT On-Prem versions 11.1.x antérieures à 11.1.18.0
    ESET Smart Security Premium Smart Security Premium sans le dernier correctif de sécurité
    ESET NOD32 Antivirus NOD32 Antivirus sans le dernier correctif de sécurité
    ESET PROTECT On-Prem PROTECT On-Prem versions 12.0.x antérieures à 12.0.15.0
    ESET Mail Security Mail Security pour IBM Domino sans le dernier correctif de sécurité
    ESET Internet Security Internet Security sans le dernier correctif de sécurité
    References
    Bulletin de sécurité ESET ca8854 2025-08-21 vendor-advisory
    Bulletin de sécurité ESET ca8853 2025-08-21 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Mail Security pour Microsoft Exchange Server sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "File Security pour Microsoft Azure sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "File Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "PROTECT On-Prem versions 12.1.x ant\u00e9rieures \u00e0 12.1.11.0",
          "product": {
            "name": "PROTECT On-Prem",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security Ultimate sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Security Ultimate",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Antivirus pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Security pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security pour Microsoft SharePoint Server sans le dernier correctif de s\u00e9curit\u00e9\n\n",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Safe Server sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Safe Server",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Small Business Security sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Small Business Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "PROTECT On-Prem versions 11.1.x ant\u00e9rieures \u00e0 11.1.18.0",
          "product": {
            "name": "PROTECT On-Prem",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Smart Security Premium sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "Smart Security Premium",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "NOD32 Antivirus sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "NOD32 Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "PROTECT On-Prem versions 12.0.x ant\u00e9rieures \u00e0 12.0.15.0",
          "product": {
            "name": "PROTECT On-Prem",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Mail Security pour IBM Domino sans le dernier correctif de s\u00e9curit\u00e9\n",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Internet Security sans le dernier correctif de s\u00e9curit\u00e9\n",
          "product": {
            "name": "Internet Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-8352",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-8352"
        },
        {
          "name": "CVE-2025-4952",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-4952"
        },
        {
          "name": "CVE-2025-48976",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-48976"
        },
        {
          "name": "CVE-2025-48988",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-48988"
        }
      ],
      "links": [],
      "reference": "CERTFR-2025-AVI-0727",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-08-25T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service \u00e0 distance"
        },
        {
          "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits ESET. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": "2025-08-21",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8854",
          "url": "https://support-feed.eset.com/link/15370/17124579/ca8854"
        },
        {
          "published_at": "2025-08-21",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8853",
          "url": "https://support-feed.eset.com/link/15370/17124580/ca8853"
        }
      ]
    }

    CERTFR-2025-AVI-0623

    Vulnerability from certfr_avis - Published: - Updated:

    De multiples vulnérabilités ont été découvertes dans les produits ESET. Elles permettent à un attaquant de provoquer une élévation de privilèges et une atteinte à l'intégrité des données.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ESET Endpoint Security Endpoint Security versions antérieures à 11.1.2062.0 pour Windows
    ESET Small Business Security Small Business Security versions antérieures à 18.2.14.0
    ESET Security Security versions 11.x antérieures à 11.1.15005.0 pour Microsoft SharePoint Server
    ESET Mail Security Mail Security versions 11.x antérieures à 11.1.10013 pour Microsoft Exchange Server
    ESET Internet Security Internet Security versions antérieures à 18.2.14.0
    ESET Server Security Server Security versions 12.x antérieures à 12.0.12005.0 pour Windows
    ESET Smart Security Premium Smart Security Premium versions antérieures à 18.2.14.0
    ESET Security Security versions 12.x antérieures à 12.0.15005.0 pour Microsoft SharePoint Server
    ESET Safe Server Safe Server versions antérieures à 18.2.14.0
    ESET Security Ultimate Security Ultimate versions antérieures à 18.2.14.0
    ESET Server Security Server Security versions 11.x antérieures à 11.1.12013.0 pour Windows
    ESET Mail Security Mail Security versions 12.x antérieures à 12.0.10004.0 pour Microsoft Exchange Server
    ESET Endpoint Antivirus Endpoint Antivirus versions antérieures à 12.0.2058.0 pour Windows
    ESET NOD32 Antivirus NOD32 Antivirus versions antérieures à 18.2.14.0
    References
    Bulletin de sécurité ESET ca8840 2025-07-16 vendor-advisory
    Bulletin de sécurité ESET ca8838 2025-07-09 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Endpoint Security versions ant\u00e9rieures \u00e0 11.1.2062.0 pour Windows",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Small Business Security versions ant\u00e9rieures \u00e0 18.2.14.0",
          "product": {
            "name": "Small Business Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security versions 11.x ant\u00e9rieures \u00e0 11.1.15005.0 pour Microsoft SharePoint Server",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Mail Security versions 11.x ant\u00e9rieures \u00e0 11.1.10013 pour Microsoft Exchange Server",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Internet Security versions ant\u00e9rieures \u00e0 18.2.14.0",
          "product": {
            "name": "Internet Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Server Security versions 12.x ant\u00e9rieures \u00e0 12.0.12005.0 pour Windows",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Smart Security Premium versions ant\u00e9rieures \u00e0 18.2.14.0",
          "product": {
            "name": "Smart Security Premium",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security versions 12.x ant\u00e9rieures \u00e0 12.0.15005.0 pour Microsoft SharePoint Server",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Safe Server versions ant\u00e9rieures \u00e0 18.2.14.0",
          "product": {
            "name": "Safe Server",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security Ultimate versions ant\u00e9rieures \u00e0 18.2.14.0",
          "product": {
            "name": "Security Ultimate",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Server Security versions 11.x ant\u00e9rieures \u00e0 11.1.12013.0 pour Windows",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Mail Security versions 12.x ant\u00e9rieures \u00e0 12.0.10004.0 pour Microsoft Exchange Server",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Antivirus versions ant\u00e9rieures \u00e0 12.0.2058.0 pour Windows",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "NOD32 Antivirus versions ant\u00e9rieures \u00e0 18.2.14.0",
          "product": {
            "name": "NOD32 Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2025-5028",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-5028"
        },
        {
          "name": "CVE-2025-2425",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-2425"
        }
      ],
      "links": [],
      "reference": "CERTFR-2025-AVI-0623",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-07-25T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits ESET. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": "2025-07-16",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8840",
          "url": "https://support-feed.eset.com/link/15370/17103529/ca8840"
        },
        {
          "published_at": "2025-07-09",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8838",
          "url": "https://support-feed.eset.com/link/15370/17103530/ca8838"
        }
      ]
    }

    CERTFR-2025-AVI-0280

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ESET Smart Security Premium Smart Security Premium versions antériéures à 18.1.10.0
    ESET Server Security Server Security versions antérieures à 11.1.12009.0 pour Windows Server
    ESET NOD32 Antivirus NOD32 Antivirus versions antériéures à 18.1.10.0
    ESET Internet Security Internet Security versions antériéures à 18.1.10.0
    ESET Endpoint Security Endpoint Security versions antérieures à 12.0.2045.0
    ESET Endpoint Antivirus Endpoint Antivirus versions antérieures à 12.0.2045.0
    ESET Mail Security Mail Security versions antérieures à 11.1.10011.0, 11.0.10010.0 et 10.1.10017.0 pour Microsoft Exchange Server
    ESET Security Ultimate Security Ultimate versions antériéures à 18.1.10.0
    ESET Endpoint Antivirus Endpoint Antivirus versions antérieures à 11.1.2059.0
    ESET Security Security versions antérieures à 11.1.15003.0, 11.0.15007.0, 10.0.15008.0 pour Microsoft SharePoint Server
    ESET Safe Server ESET Safe Server versions antérieures à 18.1.10.0
    ESET Endpoint Security Endpoint Security versions antérieures à 11.1.2059.0
    ESET Small Business Security Small Business Security versions antérieures à 18.1.10.0
    References
    Bulletin de sécurité ESET CA8810 2025-04-04 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "Smart Security Premium versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
          "product": {
            "name": "Smart Security Premium",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Server Security versions ant\u00e9rieures \u00e0 11.1.12009.0 pour Windows Server",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "NOD32 Antivirus versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
          "product": {
            "name": "NOD32 Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Internet Security versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
          "product": {
            "name": "Internet Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Security versions ant\u00e9rieures \u00e0 12.0.2045.0",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Antivirus versions ant\u00e9rieures \u00e0 12.0.2045.0",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Mail Security versions ant\u00e9rieures \u00e0 11.1.10011.0, 11.0.10010.0 et 10.1.10017.0 pour Microsoft Exchange Server",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security Ultimate versions ant\u00e9ri\u00e9ures \u00e0 18.1.10.0",
          "product": {
            "name": "Security Ultimate",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Antivirus versions ant\u00e9rieures \u00e0 11.1.2059.0",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security versions ant\u00e9rieures \u00e0 11.1.15003.0, 11.0.15007.0, 10.0.15008.0 pour Microsoft SharePoint Server",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Safe Server versions ant\u00e9rieures \u00e0 18.1.10.0",
          "product": {
            "name": "Safe Server",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Security versions ant\u00e9rieures \u00e0 11.1.2059.0",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Small Business Security versions ant\u00e9rieures \u00e0 18.1.10.0",
          "product": {
            "name": "Small Business Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-11859",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-11859"
        }
      ],
      "links": [],
      "reference": "CERTFR-2025-AVI-0280",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2025-04-07T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits ESET. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": "2025-04-04",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET CA8810",
          "url": "https://support-feed.eset.com/link/15370/16999046/ca8810"
        }
      ]
    }

    CERTFR-2024-AVI-0801

    Vulnerability from certfr_avis - Published: - Updated:

    De multiples vulnérabilités ont été découvertes dans les produits ESET. Elles permettent à un attaquant de provoquer une élévation de privilèges et un déni de service.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ESET Safe Server ESET Safe Server sans le correctif de sécurité Cleaner module 1251
    ESET Small Business Security ESET Small Business Security sans le correctif de sécurité Cleaner module 1251
    ESET Security Ultimate ESET Security Ultimate sans le correctif de sécurité Cleaner module 1251
    ESET Endpoint Security ESET Endpoint Security sans le correctif de sécurité Cleaner module 1251 pour Windows
    ESET File Security ESET File Security sans le correctif de sécurité Cleaner module 1251 pour Microsoft Azure
    ESET NOD32 Antivirus ESET NOD32 Antivirus sans le correctif de sécurité Cleaner module 1251
    ESET Internet Security ESET Internet Security sans le correctif de sécurité Cleaner module 1251
    ESET Mail Security ESET Mail Security sans le correctif de sécurité Cleaner module 1251 pour Microsoft Exchange Server et IBM Domino
    ESET Smart Security Premium ESET Smart Security Premium sans le correctif de sécurité Cleaner module 1251
    ESET Server Security ESET Server Security sans le correctif de sécurité Cleaner module 1251 pour Windows Server
    ESET Endpoint Security ESET Endpoint Security versions antérieures à 8.0.7200.0 pour macOS
    ESET Cyber Security ESET Cyber Security versions antérieures à 7.5.74.0
    ESET Endpoint Antivirus ESET Endpoint Antivirus sans le correctif de sécurité Cleaner module 1251
    ESET Security ESET Security sans le correctif de sécurité Cleaner module 1251 pour Microsoft SharePoint Server
    References
    Bulletin de sécurité ESET ca8725 2024-09-20 vendor-advisory
    Bulletin de sécurité ESET ca8726 2024-09-20 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ESET Safe Server sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
          "product": {
            "name": "Safe Server",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Small Business Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
          "product": {
            "name": "Small Business Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security Ultimate sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
          "product": {
            "name": "Security Ultimate",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Windows",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET File Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Microsoft Azure",
          "product": {
            "name": "File Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET NOD32 Antivirus sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
          "product": {
            "name": "NOD32 Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Internet Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
          "product": {
            "name": "Internet Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Microsoft Exchange Server et IBM Domino ",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Smart Security Premium sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
          "product": {
            "name": "Smart Security Premium",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Windows Server",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Security versions ant\u00e9rieures \u00e0 8.0.7200.0 pour macOS ",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Cyber Security versions ant\u00e9rieures \u00e0 7.5.74.0 ",
          "product": {
            "name": "Cyber Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security sans le correctif de s\u00e9curit\u00e9 Cleaner module 1251 pour Microsoft SharePoint Server",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-6654",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6654"
        },
        {
          "name": "CVE-2024-7400",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-7400"
        }
      ],
      "links": [],
      "reference": "CERTFR-2024-AVI-0801",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-09-23T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "D\u00e9ni de service"
        },
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits ESET. Elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service.",
      "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": "2024-09-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8725",
          "url": "https://support-feed.eset.com/link/15370/16815452/ca8725"
        },
        {
          "published_at": "2024-09-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8726",
          "url": "https://support-feed.eset.com/link/15370/16815451/ca8726"
        }
      ]
    }

    CERTFR-2024-AVI-0581

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer une atteinte à l'intégrité des données et un déni de service.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ESET Smart Security Premium ESET Smart Security Premium versions antérieures à 17.2.7.0
    ESET Mail Security ESET Mail Security versions antérieures à 11.0.10008.0 pour Microsoft Exchange Server
    ESET Security ESET Security versions antérieures à 11.0.15004.0 pour Microsoft SharePoint Server
    ESET Server Security ESET Server Security versions antérieures à 11.0.12012.0 pour Windows Server
    ESET Endpoint Antivirus ESET Endpoint Antivirus versions antérieures à 11.1.2039.0 pour Windows
    ESET Security Ultimate ESET Security Ultimate versions antérieures à 17.2.7.0
    ESET Internet Security ESET Internet Security versions antérieures à 17.2.7.0
    ESET Endpoint Security ESET Endpoint Security versions antérieures à 11.1.2039.0 pour Windows
    ESET NOD32 Antivirus ESET NOD32 Antivirus versions antérieures à 17.2.7.0
    References
    Bulletin de sécurité ESET ca8688 2024-07-12 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ESET Smart Security Premium versions ant\u00e9rieures \u00e0 17.2.7.0",
          "product": {
            "name": "Smart Security Premium",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security versions ant\u00e9rieures \u00e0 11.0.10008.0 pour Microsoft Exchange Server",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security versions ant\u00e9rieures \u00e0 11.0.15004.0 pour Microsoft SharePoint Server",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security versions ant\u00e9rieures \u00e0 11.0.12012.0 pour Windows Server",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus versions ant\u00e9rieures \u00e0 11.1.2039.0 pour Windows",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security Ultimate versions ant\u00e9rieures \u00e0 17.2.7.0",
          "product": {
            "name": "Security Ultimate",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": " ESET Internet Security versions ant\u00e9rieures \u00e0 17.2.7.0",
          "product": {
            "name": "Internet Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Security versions ant\u00e9rieures \u00e0 11.1.2039.0 pour Windows",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET NOD32 Antivirus versions ant\u00e9rieures \u00e0 17.2.7.0",
          "product": {
            "name": "NOD32 Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-3779",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-3779"
        }
      ],
      "links": [],
      "reference": "CERTFR-2024-AVI-0581",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-07-15T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
        },
        {
          "description": "D\u00e9ni de service"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits ESET. Elle permet \u00e0 un attaquant de provoquer une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": "2024-07-12",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8688",
          "url": "https://support-feed.eset.com/link/15370/16741922/ca8688"
        }
      ]
    }

    CERTFR-2024-AVI-0511

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer une élévation de privilèges.

    Solutions

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    Impacted products
    Vendor Product Description
    ESET N/A NOD32 Antivirus, Internet Security, Smart Security Premium et Security Ultimate sans le dernier correctif de sécurité
    ESET N/A Mail Security pour Microsoft Exchange Server sans le dernier correctif de sécurité
    ESET N/A Mail Security pour IBM Domino sans le dernier correctif de sécurité
    ESET N/A Endpoint Antivirus pour Windows et Endpoint Security pour Windows sans le dernier correctif de sécurité
    ESET N/A File Security pour Microsoft Azure sans le dernier correctif de sécurité
    ESET N/A Server Security pour Windows Server (File Security pour Microsoft Windows Server) sans le dernier correctif de sécurité
    ESET N/A Small Business Security et Safe Server sans le dernier correctif de sécurité
    ESET N/A Security pour Microsoft SharePoint Server sans le dernier correctif de sécurité
    References
    Bulletin de sécurité ESET ca8674 2024-06-20 vendor-advisory

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "NOD32 Antivirus, Internet Security, Smart Security Premium et Security Ultimate sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Mail Security pour Microsoft Exchange Server sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Mail Security pour IBM Domino sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Endpoint Antivirus pour Windows et Endpoint Security pour Windows sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "File Security pour Microsoft Azure sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Server Security pour Windows Server (File Security pour Microsoft Windows Server) sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Small Business Security et Safe Server sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "Security pour Microsoft SharePoint Server sans le dernier correctif de s\u00e9curit\u00e9",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": "",
      "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
      "cves": [
        {
          "name": "CVE-2024-2003",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-2003"
        }
      ],
      "links": [],
      "reference": "CERTFR-2024-AVI-0511",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-06-21T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits ESET. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges.",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": "2024-06-20",
          "title": "Bulletin de s\u00e9curit\u00e9 ESET ca8674",
          "url": "https://support-feed.eset.com/link/15370/16720701/ca8674"
        }
      ]
    }

    CERTFR-2024-AVI-0136

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer une élévation de privilèges.

    Solution

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    None
    Impacted products
    Vendor Product Description
    ESET Security ESET Security pour Microsoft SharePoint Server versions 7.3.x.x antérieures à 7.3.15006.0
    ESET N/A ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium et ESET Security Ultimate versions antérieures à 17.0.10.0
    ESET Mail Security ESET Mail Security pour IBM Domino versions 10.0.x.x antérieures à 10.0.14007.0
    ESET Mail Security ESET Mail Security pour Microsoft Exchange Server versions 10.1.x.x antérieures à 10.1.10014.0
    ESET Security ESET Security pour Microsoft SharePoint Server versions 9.0.x.x antérieures à 9.0.15006.0
    ESET Mail Security ESET Mail Security pour IBM Domino versions 7.3.x.x antérieures à 7.3.14006.0
    ESET N/A ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 10.0.x.x antérieures à 10.0.12015.0
    ESET Mail Security ESET Mail Security pour IBM Domino versions 8.0.x.x antérieures à 8.0.14014.0
    ESET N/A ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 10.1.x.x antérieures à 10.1.2063.0
    ESET N/A ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 10.0.x.x antérieures à 10.0.2052.0
    ESET N/A ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 7.3.x.x antérieures à 7.3.12013.0
    ESET N/A ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 8.1.x.x antérieures à 8.1.2062.0
    ESET Mail Security ESET Mail Security pour Microsoft Exchange Server versions 9.0.x.x antérieures à 9.0.10012.0
    ESET N/A ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 8.0.x.x antérieures à 8.0.12016.0
    ESET Mail Security ESET Mail Security pour Microsoft Exchange Server versions 8.0.x.x antérieures à 8.0.10024.0
    ESET Mail Security ESET Mail Security pour Microsoft Exchange Server versions 7.3.x.x antérieures à 7.3.10018.0
    ESET Security ESET Security pour Microsoft SharePoint Server versions 8.0.x.x antérieures à 8.0.15012.0
    ESET Security ESET Security pour Microsoft SharePoint Server versions 10.0.x.x antérieures à 10.0.15005.0
    ESET Mail Security ESET Mail Security pour Microsoft Exchange Server versions 10.0.x.x antérieures à 10.0.10018.0
    ESET N/A ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 9.1.x.x antérieures à 9.1.2071.0
    ESET Mail Security ESET Mail Security pour IBM Domino versions 9.0.x.x antérieures à 9.0.14008.0
    ESET N/A ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 9.0.x.x antérieures à 9.0.12019.0
    ESET N/A ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 11.0.x.x antérieures à 11.0.2032.0
    ESET File Security ESET File Security pour Microsoft Azure

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ESET Security pour Microsoft SharePoint Server versions 7.3.x.x ant\u00e9rieures \u00e0 7.3.15006.0",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security Premium et ESET Security Ultimate versions ant\u00e9rieures \u00e0 17.0.10.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour IBM Domino versions 10.0.x.x ant\u00e9rieures \u00e0 10.0.14007.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour Microsoft Exchange Server versions 10.1.x.x ant\u00e9rieures \u00e0 10.1.10014.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security pour Microsoft SharePoint Server versions 9.0.x.x ant\u00e9rieures \u00e0 9.0.15006.0",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour IBM Domino versions 7.3.x.x ant\u00e9rieures \u00e0 7.3.14006.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 10.0.x.x ant\u00e9rieures \u00e0 10.0.12015.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour IBM Domino versions 8.0.x.x ant\u00e9rieures \u00e0 8.0.14014.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 10.1.x.x ant\u00e9rieures \u00e0 10.1.2063.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 10.0.x.x ant\u00e9rieures \u00e0 10.0.2052.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 7.3.x.x ant\u00e9rieures \u00e0 7.3.12013.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 8.1.x.x ant\u00e9rieures \u00e0 8.1.2062.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour Microsoft Exchange Server versions 9.0.x.x ant\u00e9rieures \u00e0 9.0.10012.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 8.0.x.x ant\u00e9rieures \u00e0 8.0.12016.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour Microsoft Exchange Server versions 8.0.x.x ant\u00e9rieures \u00e0 8.0.10024.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour Microsoft Exchange Server versions 7.3.x.x ant\u00e9rieures \u00e0 7.3.10018.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security pour Microsoft SharePoint Server versions 8.0.x.x ant\u00e9rieures \u00e0 8.0.15012.0",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security pour Microsoft SharePoint Server versions 10.0.x.x ant\u00e9rieures \u00e0 10.0.15005.0",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour Microsoft Exchange Server versions 10.0.x.x ant\u00e9rieures \u00e0 10.0.10018.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 9.1.x.x ant\u00e9rieures \u00e0 9.1.2071.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour IBM Domino versions 9.0.x.x ant\u00e9rieures \u00e0 9.0.14008.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security pour Windows Server (anciennement File Security pour Microsoft Windows Server) versions 9.0.x.x ant\u00e9rieures \u00e0 9.0.12019.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus pour Windows et ESET Endpoint Security pour Windows versions 11.0.x.x ant\u00e9rieures \u00e0 11.0.2032.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET File Security pour Microsoft Azure",
          "product": {
            "name": "File Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": null,
      "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
      "cves": [
        {
          "name": "CVE-2024-0353",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-0353"
        }
      ],
      "links": [
        {
          "title": "Bulletin de s\u00e9curit\u00e9 ESET\u00a0CA8612 du 14 f\u00e9vrier 2024",
          "url": "https://support.eset.com/en/ca8612-eset-customer-advisory-link-following-local-privilege-escalation-vulnerability-in-eset-products-for-windows-fixed"
        }
      ],
      "reference": "CERTFR-2024-AVI-0136",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-02-15T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "\u00c9l\u00e9vation de privil\u00e8ges"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nproduits ESET\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 ESET CA8612 du 14 f\u00e9vrier 2024",
          "url": null
        }
      ]
    }

    CERTFR-2024-AVI-0079

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer une exécution de code arbitraire.

    Solution

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    None
    Impacted products
    Vendor Product Description
    ESET N/A ESET Endpoint Security et ESET Endpoint Antivirus versions antérieures à 11.0.2032.x
    ESET Mail Security ESET Mail Security pour Microsoft Exchange Server versions antérieures à 10.1.10014.0
    ESET N/A ESET NOD32 Antivirus, ESET Internet Security et ESET Smart Security Premium versions antérieures à 17.0.15.0
    References

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ESET Endpoint Security et ESET Endpoint Antivirus versions ant\u00e9rieures \u00e0 11.0.2032.x",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour Microsoft Exchange Server versions ant\u00e9rieures \u00e0 10.1.10014.0",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET NOD32 Antivirus, ESET Internet Security et ESET Smart Security Premium versions ant\u00e9rieures \u00e0 17.0.15.0",
          "product": {
            "name": "N/A",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": null,
      "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
      "cves": [
        {
          "name": "CVE-2023-7043",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-7043"
        }
      ],
      "links": [],
      "reference": "CERTFR-2024-AVI-0079",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2024-01-30T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Ex\u00e9cution de code arbitraire"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nproduits ESET\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire.\n",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 ESET CA8602 du 26 janvier 2024",
          "url": "https://support.eset.com/en/ca8602-eset-customer-advisory-unquoted-path-privilege-vulnerability-in-eset-products-for-windows-fixed"
        }
      ]
    }

    CERTFR-2023-AVI-1053

    Vulnerability from certfr_avis - Published: - Updated:

    Une vulnérabilité a été découverte dans les produits ESET. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

    Solution

    Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

    None
    Impacted products
    Vendor Product Description
    ESET Security Ultimate ESET Security Ultimate
    ESET Endpoint Antivirus ESET Endpoint Antivirus versions postérieures à 10.0 pour Linux
    ESET Server Security ESET Server Security versions postérieures à 10.1 pour Linux
    ESET Endpoint Antivirus ESET Endpoint Antivirus pour Windows
    ESET NOD32 Antivirus ESET NOD32 Antivirus
    ESET Endpoint Security ESET Endpoint Security pour Windows
    ESET Smart Security Premium ESET Smart Security Premium
    ESET Mail Security ESET Mail Security pour Microsoft Exchange Server
    ESET Internet Security ESET Internet Security
    ESET Server Security ESET Server Security pour Windows Server
    ESET Mail Security ESET Mail Security pour IBM Domino
    ESET Security ESET Security pour Microsoft SharePoint Server
    ESET File Security ESET File Security pour Microsoft Azure

    Show details on source website

    {
      "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
      "affected_systems": [
        {
          "description": "ESET Security Ultimate",
          "product": {
            "name": "Security Ultimate",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus versions post\u00e9rieures \u00e0 10.0 pour Linux",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security versions post\u00e9rieures \u00e0 10.1 pour Linux",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Antivirus pour Windows",
          "product": {
            "name": "Endpoint Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET NOD32 Antivirus",
          "product": {
            "name": "NOD32 Antivirus",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Endpoint Security pour Windows",
          "product": {
            "name": "Endpoint Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Smart Security Premium",
          "product": {
            "name": "Smart Security Premium",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour Microsoft Exchange Server",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Internet Security",
          "product": {
            "name": "Internet Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Server Security pour Windows Server",
          "product": {
            "name": "Server Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Mail Security pour IBM Domino",
          "product": {
            "name": "Mail Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET Security pour Microsoft SharePoint Server",
          "product": {
            "name": "Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        },
        {
          "description": "ESET File Security pour Microsoft Azure",
          "product": {
            "name": "File Security",
            "vendor": {
              "name": "ESET",
              "scada": false
            }
          }
        }
      ],
      "affected_systems_content": null,
      "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
      "cves": [
        {
          "name": "CVE-2023-5594",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-5594"
        }
      ],
      "links": [
        {
          "title": "Bulletin de s\u00e9curit\u00e9 ESET\u00a0CA8562 du 20 d\u00e9cembre 2023",
          "url": "https://support.eset.com/en/ca8562-eset-customer-advisory-improper-following-of-a-certificates-chain-of-trust-in-eset-security-products-fixed"
        }
      ],
      "reference": "CERTFR-2023-AVI-1053",
      "revisions": [
        {
          "description": "Version initiale",
          "revision_date": "2023-12-22T00:00:00.000000"
        }
      ],
      "risks": [
        {
          "description": "Contournement de la politique de s\u00e9curit\u00e9"
        }
      ],
      "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans \u003cspan class=\"textit\"\u003eles\nproduits ESET\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
      "title": "Vuln\u00e9rabilit\u00e9 dans les produits ESET",
      "vendor_advisories": [
        {
          "published_at": null,
          "title": "Bulletin de s\u00e9curit\u00e9 ESET CA8562 du 20 d\u00e9cembre 2023",
          "url": null
        }
      ]
    }

    VAR-201411-0062

    Vulnerability from variot - Updated: 2023-12-18 13:29

    The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls. Multiple ESET Products are prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information. Information obtained may lead to further attacks. Both ESET Smart Security and ESET Endpoint Security are security package solutions from ESET in Slovakia, which include functions such as virus defense and cleaning, anti-spam and firewall; the former is the home version, and the latter is the business version. The vulnerability is caused by improper validation for some IOCTLs.

    Further details at:

    https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/

    Copyright: Copyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.

    Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

    This email originates from the systems of Portcullis Computer Security Limited, a Private limited company, registered in England in accordance with the Companies Act under number 02763799. The registered office address of Portcullis Computer Security Limited is: Portcullis House, 2 Century Court, Tolpits Lane, Watford, United Kingdom, WD18 9RS.
    The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Any opinions expressed are those of the individual and do not represent the opinion of the organisation. Access to this email by persons other than the intended recipient is strictly prohibited. If you are not the intended recipient, any disclosure, copying, distribution or other action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email is subject to the terms and conditions expressed in the applicable Portcullis Computer Security Limited terms of business.

    This e-mail message has been scanned for Viruses and Content and cleared by MailMarshal.

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201411-0062",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "personal firewall ndis filter",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1183_\\(20140214\\)"
          },
          {
            "model": "personal firewall ndis filter",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "eset",
            "version": "build 1212 (20140609)"
          },
          {
            "model": "personal firewall ndis filter",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "eset",
            "version": "1183_\\(20140214\\)"
          },
          {
            "model": "smart security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "0"
          },
          {
            "model": "personal firewall module build",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1183(20140214"
          },
          {
            "model": "endpoint security",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "0"
          },
          {
            "model": "personal firewall module build",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1212(20140609"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:eset:personal_firewall_ndis_filter:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1183_\\(20140214\\)",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kyriakos Economou",
        "sources": [
          {
            "db": "BID",
            "id": "70770"
          },
          {
            "db": "PACKETSTORM",
            "id": "128874"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ],
        "trust": 1.0
      },
      "cve": "CVE-2014-4974",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "LOW",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Local",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 2.1,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2014-4974",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Low",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "NONE",
                "baseScore": 2.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 3.9,
                "id": "VHN-72915",
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "severity": "LOW",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2014-4974",
                "trust": 1.8,
                "value": "LOW"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201410-1369",
                "trust": 0.6,
                "value": "LOW"
              },
              {
                "author": "VULHUB",
                "id": "VHN-72915",
                "trust": 0.1,
                "value": "LOW"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall module before Build 1212 (20140609), as used in multiple ESET products 5.0 through 7.0, allows local users to obtain sensitive information from kernel memory via crafted IOCTL calls. Multiple ESET Products are prone to a local information-disclosure vulnerability. \nLocal attackers can exploit this issue to obtain sensitive information. Information obtained may lead to further attacks. Both ESET Smart Security and ESET Endpoint Security are security package solutions from ESET in Slovakia, which include functions such as virus defense and cleaning, anti-spam and firewall; the former is the home version, and the latter is the business version. \nThe vulnerability is caused by improper validation for some IOCTLs. \n\nFurther details at:\n\nhttps://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/\n\nCopyright:\nCopyright (c) Portcullis Computer Security Limited 2014, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited. \n\nDisclaimer:\nThe information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user\u0027s risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information. \n\n\n\n###############################################################\nThis email originates from the systems of Portcullis\nComputer Security Limited, a Private limited company, \nregistered in England in accordance with the Companies \nAct under number 02763799. The registered office \naddress of Portcullis Computer Security Limited is: \nPortcullis House, 2 Century Court, Tolpits Lane, Watford, \nUnited Kingdom, WD18 9RS.  \nThe information in this email is confidential and may be \nlegally privileged. It is intended solely for the addressee. \nAny opinions expressed are those of the individual and \ndo not represent the opinion of the organisation. Access \nto this email by persons other than the intended recipient \nis strictly prohibited. \nIf you are not the intended recipient, any disclosure, \ncopying, distribution or other action taken or omitted to be \ntaken in reliance on it, is prohibited and may be unlawful. \nWhen addressed to our clients any opinions or advice \ncontained in this email is subject to the terms and \nconditions expressed in the applicable Portcullis Computer \nSecurity Limited terms of business. \n###############################################################\n\n#####################################################################################\nThis e-mail message has been scanned for Viruses and Content and cleared \nby MailMarshal. \n#####################################################################################\n\n\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "db": "BID",
            "id": "70770"
          },
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "db": "PACKETSTORM",
            "id": "128874"
          }
        ],
        "trust": 2.07
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-72915",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-4974",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "70770",
            "trust": 2.0
          },
          {
            "db": "PACKETSTORM",
            "id": "128874",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369",
            "trust": 0.7
          },
          {
            "db": "XF",
            "id": "98312",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-72915",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "db": "BID",
            "id": "70770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "db": "PACKETSTORM",
            "id": "128874"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ]
      },
      "id": "VAR-201411-0062",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T13:29:39.589000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://www.eset.com/us/"
          },
          {
            "title": "Windows\u7528\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u30d1\u30fc\u30bd\u30ca\u30eb\u30d5\u30a1\u30a4\u30a2\u30a6\u30a9\u30fc\u30eb\u6a5f\u80fd\u306b\u95a2\u3059\u308b\u8106\u5f31\u6027\uff08JVNDB-2014-005235\uff09\u3078\u306e\u5bfe\u5fdc\u72b6\u6cc1\u306b\u3064\u3044\u3066",
            "trust": 0.8,
            "url": "http://canon-its.jp/supp/eset/notify20141118.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-200",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.9,
            "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-4974/"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/70770"
          },
          {
            "trust": 1.7,
            "url": "http://seclists.org/fulldisclosure/2014/oct/118"
          },
          {
            "trust": 1.7,
            "url": "http://packetstormsecurity.com/files/128874/eset-7.0-kernel-memory-leak.html"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98312"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4974"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4974"
          },
          {
            "trust": 0.6,
            "url": "http://xforce.iss.net/xforce/xfdb/98312"
          },
          {
            "trust": 0.3,
            "url": "http://www.eset.com/smartsecurity/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-4974"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "db": "BID",
            "id": "70770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "db": "PACKETSTORM",
            "id": "128874"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "db": "BID",
            "id": "70770"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "db": "PACKETSTORM",
            "id": "128874"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-11-04T00:00:00",
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "date": "2014-10-22T00:00:00",
            "db": "BID",
            "id": "70770"
          },
          {
            "date": "2014-11-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "date": "2014-10-28T18:13:16",
            "db": "PACKETSTORM",
            "id": "128874"
          },
          {
            "date": "2014-11-04T16:55:06.450000",
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "date": "2014-10-29T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-08-29T00:00:00",
            "db": "VULHUB",
            "id": "VHN-72915"
          },
          {
            "date": "2014-10-22T00:00:00",
            "db": "BID",
            "id": "70770"
          },
          {
            "date": "2014-12-02T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          },
          {
            "date": "2017-08-29T01:35:10.453000",
            "db": "NVD",
            "id": "CVE-2014-4974"
          },
          {
            "date": "2014-12-01T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "BID",
            "id": "70770"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  ESET Used in products  ESET Personal Firewall NDIS Vulnerability in the acquisition of important information in the filter kernel mode driver",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-005235"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "information disclosure",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-1369"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200501-0309

    Vulnerability from variot - Updated: 2023-12-18 12:40

    Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0309",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "sophos",
            "version": "3.78d"
          },
          {
            "model": "small business suite",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "1.0"
          },
          {
            "model": "puremessage anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "4.6"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.86"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.85"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.84"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.83"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.82"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.81"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.80"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.79"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.4.6"
          },
          {
            "model": "antivirus engine",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mcafee",
            "version": "4.3.20"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "mandrake linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "10.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.1"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.12"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.0"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.0"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.13"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "1.0"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.5"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "7.0_sp2"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.11"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "for mail servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.4.2"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.5"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "4.0"
          },
          {
            "model": "brightstor arcserve backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "11.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "5.0"
          },
          {
            "model": "for file servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "*"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.4"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.6"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "9.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "3.0"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.1"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.3"
          },
          {
            "model": "archive zip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "anti-virus d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "antivirus rav antivirus for mail servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.4.2"
          },
          {
            "model": "antivirus rav antivirus for file servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "1.0"
          },
          {
            "model": "antivirus rav antivirus desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.6"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "5.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "4.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "3.0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.013"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.012"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.011"
          },
          {
            "model": "associates inoculateit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.1"
          },
          {
            "model": "associates etrust secure content manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.1.13"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.4"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.3"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.0"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.3"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.2"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates brightstor arcserve backup for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "11.1"
          },
          {
            "model": "archive::zip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "archive::zip",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.14"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-0933",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9363",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2004-0933",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200501-311",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9363",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9363"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability.  This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user.  The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security.  If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9363"
          }
        ],
        "trust": 1.26
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-9363",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9363"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2004-0933",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "11448",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311",
            "trust": 0.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "629",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-9363",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9363"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "id": "VAR-200501-0309",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9363"
          }
        ],
        "trust": 0.725
      },
      "last_update_date": "2023-12-18T12:40:29.156000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Multiple antivirus software Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146860"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.0,
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
          },
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/11448"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
          },
          {
            "trust": 1.6,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "trust": 0.3,
            "url": "http://download.mcafee.com/uk/updates/updates.asp"
          },
          {
            "trust": 0.3,
            "url": "http://www.nod32.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kaspersky.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ravantivirus.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.sophos.com/"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/378660"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9363"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-9363"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9363"
          },
          {
            "date": "2004-10-18T00:00:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2005-01-27T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "date": "2004-10-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9363"
          },
          {
            "date": "2009-07-12T08:06:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2021-04-09T17:00:09.303000",
            "db": "NVD",
            "id": "CVE-2004-0933"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": " Security hole",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-311"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200501-0012

    Vulnerability from variot - Updated: 2023-12-18 12:40

    RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0012",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "9.2"
          },
          {
            "model": "small business suite",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "1.0"
          },
          {
            "model": "puremessage anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "4.6"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.86"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.85"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.84"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.83"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.82"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.81"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.80"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.79"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.4.6"
          },
          {
            "model": "antivirus engine",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mcafee",
            "version": "4.3.20"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "mandrake linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "10.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.1"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.12"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.0"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.0"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.13"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "1.0"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.5"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "7.0_sp2"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.11"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "for mail servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.4.2"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.5"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "4.0"
          },
          {
            "model": "brightstor arcserve backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "11.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "5.0"
          },
          {
            "model": "for file servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "*"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.4"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.6"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "3.0"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.1"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.78d"
          },
          {
            "model": "archive zip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "anti-virus d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "antivirus rav antivirus for mail servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.4.2"
          },
          {
            "model": "antivirus rav antivirus for file servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "1.0"
          },
          {
            "model": "antivirus rav antivirus desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.6"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "5.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "4.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "3.0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.013"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.012"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.011"
          },
          {
            "model": "associates inoculateit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.1"
          },
          {
            "model": "associates etrust secure content manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.1.13"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.4"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.3"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.0"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.3"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.2"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates brightstor arcserve backup for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "11.1"
          },
          {
            "model": "archive::zip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "archive::zip",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.14"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-0936",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9366",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2004-0936",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#968818",
                "trust": 0.8,
                "value": "7.59"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200501-300",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9366",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9366"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability.  This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected.  The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security.  If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9366"
          }
        ],
        "trust": 1.98
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-9366",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9366"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818",
            "trust": 2.5
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0936",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "11448",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300",
            "trust": 0.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "629",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-9366",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9366"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "id": "VAR-200501-0012",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9366"
          }
        ],
        "trust": 0.725
      },
      "last_update_date": "2023-12-18T12:40:29.128000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "RAV AntiVirus zip Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146862"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/11448"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/968818"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
          },
          {
            "trust": 1.6,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "trust": 0.8,
            "url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
          },
          {
            "trust": 0.8,
            "url": "http://rt.cpan.org/noauth/bug.html?id=8077"
          },
          {
            "trust": 0.8,
            "url": "http://www.idefense.com/application/poi/display?id=153"
          },
          {
            "trust": 0.3,
            "url": "http://download.mcafee.com/uk/updates/updates.asp"
          },
          {
            "trust": 0.3,
            "url": "http://www.nod32.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kaspersky.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ravantivirus.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.sophos.com/"
          },
          {
            "trust": 0.3,
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/378660"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9366"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9366"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-12-10T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2005-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9366"
          },
          {
            "date": "2004-10-18T00:00:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2005-01-27T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "date": "2004-10-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-01-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2017-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9366"
          },
          {
            "date": "2009-07-12T08:06:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2021-04-09T17:00:09.303000",
            "db": "NVD",
            "id": "CVE-2004-0936"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Anti-virus software may not properly scan malformed zip archives",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-300"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200501-0311

    Vulnerability from variot - Updated: 2023-12-18 12:40

    Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Eset Anti-Virus is an anti-virus software

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0311",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "small business suite",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "1.0"
          },
          {
            "model": "puremessage anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "4.6"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.86"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.85"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.84"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.83"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.82"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.81"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.80"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.79"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.4.6"
          },
          {
            "model": "antivirus engine",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mcafee",
            "version": "4.3.20"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "mandrake linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "10.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.1"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.12"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.0"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.0"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.13"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "1.0"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.5"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "7.0_sp2"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.11"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "for mail servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.4.2"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.5"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "4.0"
          },
          {
            "model": "brightstor arcserve backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "11.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "5.0"
          },
          {
            "model": "for file servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "*"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.4"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.6"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "9.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "3.0"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.1"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.78d"
          },
          {
            "model": "archive zip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "6.0"
          },
          {
            "model": "anti-virus d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "antivirus rav antivirus for mail servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.4.2"
          },
          {
            "model": "antivirus rav antivirus for file servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "1.0"
          },
          {
            "model": "antivirus rav antivirus desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.6"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "5.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "4.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "3.0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.013"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.012"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.011"
          },
          {
            "model": "associates inoculateit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.1"
          },
          {
            "model": "associates etrust secure content manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.1.13"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.4"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.3"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.0"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.3"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.2"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates brightstor arcserve backup for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "11.1"
          },
          {
            "model": "archive::zip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "archive::zip",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.14"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-0935",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9365",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2004-0935",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#968818",
                "trust": 0.8,
                "value": "7.59"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200501-297",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9365",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9365"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability.  This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected.  The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security.  If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Eset Anti-Virus is an anti-virus software",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9365"
          }
        ],
        "trust": 1.98
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-9365",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9365"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818",
            "trust": 2.5
          },
          {
            "db": "BID",
            "id": "11448",
            "trust": 2.0
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0935",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297",
            "trust": 0.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "629",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-9365",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9365"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "id": "VAR-200501-0311",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9365"
          }
        ],
        "trust": 0.725
      },
      "last_update_date": "2023-12-18T12:40:29.100000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Eset AntiVirus zip Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146863"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/11448"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/968818"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
          },
          {
            "trust": 1.6,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "trust": 0.8,
            "url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
          },
          {
            "trust": 0.8,
            "url": "http://rt.cpan.org/noauth/bug.html?id=8077"
          },
          {
            "trust": 0.8,
            "url": "http://www.idefense.com/application/poi/display?id=153"
          },
          {
            "trust": 0.3,
            "url": "http://download.mcafee.com/uk/updates/updates.asp"
          },
          {
            "trust": 0.3,
            "url": "http://www.nod32.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kaspersky.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ravantivirus.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.sophos.com/"
          },
          {
            "trust": 0.3,
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/378660"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9365"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9365"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-12-10T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2005-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9365"
          },
          {
            "date": "2004-10-18T00:00:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2005-01-27T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "date": "2004-10-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-01-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2017-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9365"
          },
          {
            "date": "2009-07-12T08:06:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2021-04-09T17:00:09.303000",
            "db": "NVD",
            "id": "CVE-2004-0935"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Anti-virus software may not properly scan malformed zip archives",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-297"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200501-0243

    Vulnerability from variot - Updated: 2023-12-18 12:40

    Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0243",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "9.2"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.79"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.84"
          },
          {
            "model": "mandrake linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "10.1"
          },
          {
            "model": "puremessage anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "4.6"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.86"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.12"
          },
          {
            "model": "antivirus engine",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "4.3.20"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.0"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.13"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "1.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.80"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.5"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "7.0_sp2"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.11"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.81"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "for mail servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.4.2"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.5"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "4.0"
          },
          {
            "model": "brightstor arcserve backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "11.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "5.0"
          },
          {
            "model": "for file servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "1.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.85"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "*"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.4"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.6"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "3.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.83"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.1"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.4.6"
          },
          {
            "model": "small business suite",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "1.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.78d"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.82"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "cpan",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          }
        ]
      },
      "cve": "CVE-2004-1096",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9526",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2004-1096",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#492545",
                "trust": 0.8,
                "value": "3.59"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200501-061",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9526",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9526"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9526"
          }
        ],
        "trust": 1.71
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-9526",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9526"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#492545",
            "trust": 2.5
          },
          {
            "db": "SECUNIA",
            "id": "13038",
            "trust": 1.7
          },
          {
            "db": "BID",
            "id": "11448",
            "trust": 1.7
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1096",
            "trust": 1.7
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061",
            "trust": 0.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "629",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-9526",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9526"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "id": "VAR-200501-0243",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9526"
          }
        ],
        "trust": 0.725
      },
      "last_update_date": "2023-12-18T12:40:29.045000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Archive::Zip AntiVirus Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146865"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/11448"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/492545"
          },
          {
            "trust": 1.7,
            "url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
          },
          {
            "trust": 1.7,
            "url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:118"
          },
          {
            "trust": 1.7,
            "url": "http://secunia.com/advisories/13038/"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
          },
          {
            "trust": 1.6,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "trust": 0.8,
            "url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
          },
          {
            "trust": 0.8,
            "url": "http://rt.cpan.org/noauth/bug.html?id=8077"
          },
          {
            "trust": 0.8,
            "url": "http://www.idefense.com/application/poi/display?id=153"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9526"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9526"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-11-12T00:00:00",
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "date": "2005-01-10T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9526"
          },
          {
            "date": "2005-01-10T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "date": "2005-01-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-11-15T00:00:00",
            "db": "CERT/CC",
            "id": "VU#492545"
          },
          {
            "date": "2017-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9526"
          },
          {
            "date": "2021-04-09T17:00:09.303000",
            "db": "NVD",
            "id": "CVE-2004-1096"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Archive::Zip may not properly parse the file sizes of Zip archives",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#492545"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-061"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200502-0003

    Vulnerability from variot - Updated: 2023-12-18 12:40

    Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors' software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200502-0003",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "9.2"
          },
          {
            "model": "small business suite",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "1.0"
          },
          {
            "model": "puremessage anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "4.6"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.86"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.85"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.84"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.83"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.82"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.81"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.80"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.79"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.4.6"
          },
          {
            "model": "antivirus engine",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mcafee",
            "version": "4.3.20"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "mandrake linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "10.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.1"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.12"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.0"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.0"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.13"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "1.0"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.5"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "7.0_sp2"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.11"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "for mail servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.4.2"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.5"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "4.0"
          },
          {
            "model": "brightstor arcserve backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "11.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "5.0"
          },
          {
            "model": "for file servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "*"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.4"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.6"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "3.0"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.1"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.78d"
          },
          {
            "model": "archive zip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "anti-virus d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "antivirus rav antivirus for mail servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.4.2"
          },
          {
            "model": "antivirus rav antivirus for file servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "1.0"
          },
          {
            "model": "antivirus rav antivirus desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.6"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "5.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "4.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "3.0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.013"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.012"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.011"
          },
          {
            "model": "associates inoculateit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.1"
          },
          {
            "model": "associates etrust secure content manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.1.13"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.4"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.3"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.0"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.3"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.2"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates brightstor arcserve backup for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "11.1"
          },
          {
            "model": "archive::zip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "archive::zip",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.14"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-0937",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9367",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2004-0937",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#968818",
                "trust": 0.8,
                "value": "7.59"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200502-042",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9367",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9367"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability.  This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected.  The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security.  If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors\u0027 software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9367"
          }
        ],
        "trust": 1.98
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-9367",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9367"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818",
            "trust": 2.5
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0937",
            "trust": 2.0
          },
          {
            "db": "BID",
            "id": "11448",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042",
            "trust": 0.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "629",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-9367",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9367"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "id": "VAR-200502-0003",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9367"
          }
        ],
        "trust": 0.725
      },
      "last_update_date": "2023-12-18T12:40:29.016000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Many anti-virus vendors software Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146859"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/11448"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/968818"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
          },
          {
            "trust": 1.6,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "trust": 0.8,
            "url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
          },
          {
            "trust": 0.8,
            "url": "http://rt.cpan.org/noauth/bug.html?id=8077"
          },
          {
            "trust": 0.8,
            "url": "http://www.idefense.com/application/poi/display?id=153"
          },
          {
            "trust": 0.3,
            "url": "http://download.mcafee.com/uk/updates/updates.asp"
          },
          {
            "trust": 0.3,
            "url": "http://www.nod32.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kaspersky.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ravantivirus.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.sophos.com/"
          },
          {
            "trust": 0.3,
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/378660"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9367"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9367"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-12-10T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2005-02-09T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9367"
          },
          {
            "date": "2004-10-18T00:00:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2005-02-09T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "date": "2004-10-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-01-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2017-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9367"
          },
          {
            "date": "2009-07-12T08:06:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2021-04-09T17:00:09.303000",
            "db": "NVD",
            "id": "CVE-2004-0937"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Anti-virus software may not properly scan malformed zip archives",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200502-042"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200501-0310

    Vulnerability from variot - Updated: 2023-12-18 12:40

    Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Kaspersky is a well-known antivirus software. Kaspersky 3.x and 4.x versions have issues when processing .zip files, resulting in a vulnerability to bypass antivirus checks.

    II. DESCRIPTION

    Remote exploitation of an exceptional condition error in multiple vendors' anti-virus software allows attackers to bypass security protections by evading virus detection. The .zip file format stores information about compressed files in two locations - a local header and a global header. The local header exists just before the compressed data of each file, and the global header exists at the end of the .zip archive. It is possible to modify the uncompressed size of archived files in both the local and global header without affecting functionality. This has been confirmed with both WinZip and Microsoft Compressed Folders. An attacker can compress a malicious payload and evade detection by some anti-virus software by modifying the uncompressed size within the local and global headers to zero.

    III. ANALYSIS

    Successful exploitation allows remote attackers to pass malicious payloads within a compressed archive to a target without being detected. Most anti-virus engines have the ability to scan content packaged with compressed archives. As such, users with up-to-date anti-virus software are more likely to open attachments and files if they are under the false impression that the archive was already scanned and found to not contain a virus.

    IV. The Vendor Responses section of this advisory contains details on the status of specific vendor fixes for this issue.

    V. WORKAROUND

    Filter all compressed file archives (.zip) at border gateways, regardless of content.

    VI. VENDOR RESPONSES

    McAfee "The McAfee scan engine has always been a market leader in detection of viruses, worms and Trojans within compressed and archived file formats. As such the mechanism used for the detection of such payloads has been designed to ensure all archive files are thoroughly scanned at each nested level in the file to ensure that all appropriate parts of the file are scanned.

    McAfee is aware of a proof of concept exploitation in Zip archive payloads where information in the local header part of the archive is modified.

    The local header exists just before the compressed data of each file. It is possible to modify the uncompressed size of archived files in the local header without affecting functionality. Consequently there is the potential for a malicious payload to be hidden and avoid anti-virus detection by modifying the uncompressed size within the local headers to zero.

    The techniques used by McAfee to analyze Zip archives have allowed a comprehensive solution for the Zip file format vulnerability to be provided to protect customers.

    The latest update for the current 4320 McAfee Anti-Virus Engine DATS drivers (Version 4398 released on Oct 13th 2004) further enhances the protection afforded to McAfee customers against such potential exploits.

    A DATS Driver update issued in Version 4397 (October 6th 2004) provided early protection for the same potential exploit targeted specifically for Gateway and Command line scanning.

    If a detection of this type of exploit is found it will trigger the message "Found the Exploit-Zip Trojan!" to be displayed.

    Updates for the DAT files mentioned above can be located at the following links:

    Home (Retail) Users: http://download.mcafee.com/uk/updates/updates.asp

    Business (Enterprise) Users: http://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1

    It should be noted that whilst McAfee take the potential for this exploit to be used maliciously seriously, to date no evidence of such an exploit has been discovered. McAfee has provided additional protection through the DATS driver update however with usage of the comprehensive suite of anti-virus protection strategies provided by McAfee products, MacAfee are confident that this exploit presented no additional threat to its customers.

    It should be noted that with McAfee on-access scanning active, such modification for malicious purposes to hide payloads only delays eventual detection - McAfee on-access detection will detect any payload with malicious intent as malware.

    McAfee continues to focus on ensuring that customers receive maximum protection and provide a rapid response to all potential vulnerabilities thus ensuring customer satisfaction."

    Computer Associates "With the assistance of iDEFENSE, Computer Associates has identified a medium-risk vulnerability in a shared component of eTrust Antivirus which may allow a specially crafted .ZIP file to bypass virus detection. A number of CA products embed this technology including solutions from eTrust, Brightstor and others.

    Customers are encouraged to visit the CA support web site below for more information about this vulnerability, a list of products and platforms that are effected, and remediation procedures. http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp.

    At Computer Associates, every reported exposure is handled with the utmost urgency. We strive to ensure that no customer is left in a vulnerable situation."

    Kaspersky (09/24/2004) "...this bug for scanners based on 3.x-4.x engines will be fixed in next (not current) cumulative update.

    For scanners based on new 5.0 engine we recommend you waiting for the release of our next maintenance pack. We are going to release it in October."

    Sophos "A vulnerability has been discovered in Sophos's handling of Zip archive files, whereby a Zip file can be deliberately altered to prevent accurate scanning by Sophos anti-virus products of its contents.

    Although theoretically a risk, Sophos has not seen any examples of malware attempting to employ this vulnerability.

    Furthermore, The vulnerability does not prevent Sophos's desktop on-access scanner from correctly detecting viruses (and preventing actual infection) which manage to bypass the email gateway software, so the risks of infection are very small.

    Sophos has enhanced its scan engine to deal with malformed Zip files. Version 3.87.0 of Sophos Anti-Virus on all operating system platforms except Windows 95/98/Me includes this fix and customers will be automatically updated to this version via EM Library from Wednesday 20 October 2004. Additionally, a version of the software will be available for download from the Sophos website from Friday 22 October 2004.

    Sophos Anti-Virus for Windows 95/98/Me customers will be updated with the fix from version 3.88.0 (available from 24 November 2004).

    Sophos thanks iDEFENSE for their assistance in identifying this vulnerability."

    Eset "The vulnerability was caused by the fact that some archive compression/decompression software (including Winzip) incorrectly handles compressed files with deliberately damaged header fields, thus, in-fact, allowing creation of the damaged archive files, that could be automatically repaired on the victims computer without notifying the user.

    Eset has made appropriate modifications to archive-scanning code to handle such kind of archives immediately after receiving notification from iDEFENSE. These changes are contained in archive-support module version 1.020, released on 16th September 2004 at 21:00 CET. The update was available for all clients with Automatic Virus-Signatures Update set."

    RAV No vendor response

    VII. CVE INFORMATION

    The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues:

    CAN-2004-0932 - McAfee CAN-2004-0933 - Computer Associates CAN-2004-0934 - Kaspersky CAN-2004-0937 - Sophos CAN-2004-0935 - Eset CAN-2004-0936 - RAV

    These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.

    VIII. DISCLOSURE TIMELINE

    09/16/2004 Initial vendor notification 09/16/2004 iDEFENSE clients notified 10/18/2004 Coordinated public disclosure

    IX. CREDIT

    The discoverer of this vulnerability wishes to remain anonymous.

    Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp

    X. LEGAL NOTICES

    Copyright © 2004 iDEFENSE, Inc.

    Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.

    Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0310",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "suse",
            "version": "9.2"
          },
          {
            "model": "small business suite",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "1.0"
          },
          {
            "model": "puremessage anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "4.6"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.86"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.85"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.84"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.83"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.82"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.81"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.80"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.79"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.4.6"
          },
          {
            "model": "antivirus engine",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mcafee",
            "version": "4.3.20"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "mandrake linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "10.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.1"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.12"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.0"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.0"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.13"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "1.0"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.5"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "7.0_sp2"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.11"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "for mail servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.4.2"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.5"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "4.0"
          },
          {
            "model": "brightstor arcserve backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "11.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "5.0"
          },
          {
            "model": "for file servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "*"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.4"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.6"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "3.0"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.1"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.78d"
          },
          {
            "model": "archive zip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "anti-virus d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "antivirus rav antivirus for mail servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.4.2"
          },
          {
            "model": "antivirus rav antivirus for file servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "1.0"
          },
          {
            "model": "antivirus rav antivirus desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.6"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "5.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "4.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "3.0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.013"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.012"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.011"
          },
          {
            "model": "associates inoculateit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.1"
          },
          {
            "model": "associates etrust secure content manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.1.13"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.4"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.3"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.0"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.3"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.2"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates brightstor arcserve backup for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "11.1"
          },
          {
            "model": "archive::zip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "archive::zip",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.14"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-0934",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9364",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2004-0934",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CARNEGIE MELLON",
                "id": "VU#968818",
                "trust": 0.8,
                "value": "7.59"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200501-310",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9364",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9364"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability.  This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected.  The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security.  If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Kaspersky is a well-known antivirus software. Kaspersky 3.x and 4.x versions have issues when processing .zip files, resulting in a vulnerability to bypass antivirus checks. \n\nII. DESCRIPTION\n\nRemote exploitation of an exceptional condition error in multiple\nvendors\u0027 anti-virus software allows attackers to bypass security\nprotections by evading virus detection. \nThe .zip file format stores information about compressed files in two\nlocations - a local header and a global header. The local header exists\njust before the compressed data of each file, and the global header\nexists at the end of the .zip archive. It is possible to modify the\nuncompressed size of archived files in both the local and global header\nwithout affecting functionality. This has been confirmed with both\nWinZip and Microsoft Compressed Folders. An attacker can compress a\nmalicious payload and evade detection by some anti-virus software by\nmodifying the uncompressed size within the local and global headers to\nzero. \n\nIII. ANALYSIS\n\nSuccessful exploitation allows remote attackers to pass malicious\npayloads within a compressed archive to a target without being detected. \nMost anti-virus engines have the ability to scan content packaged with\ncompressed archives. As such, users with up-to-date anti-virus software\nare more likely to open attachments and files if they are under the\nfalse impression that the archive was already scanned and found to not\ncontain a virus. \n\nIV. The Vendor Responses section of this\nadvisory contains details on the status of specific vendor fixes for\nthis issue. \n\nV. WORKAROUND\n\nFilter all compressed file archives (.zip) at border gateways,\nregardless of content. \n\nVI. VENDOR RESPONSES\n\nMcAfee\n\"The McAfee scan engine has always been a market leader in detection of\nviruses, worms and Trojans within compressed and archived file formats. \nAs such the mechanism used for the detection of such payloads has been\ndesigned to ensure all archive files are thoroughly scanned at each\nnested level in the file to ensure that all appropriate parts of the\nfile are scanned. \n\nMcAfee is aware of a proof of concept exploitation in Zip archive\npayloads where information in the local header part of the archive is\nmodified. \n\nThe local header exists just before the compressed data of each file. It\nis possible to modify the uncompressed size of archived files in the\nlocal header without affecting functionality.  Consequently there is the\npotential for a malicious payload to be hidden and avoid anti-virus\ndetection by modifying the uncompressed size within the local headers to\nzero. \n\nThe techniques used by McAfee to analyze Zip archives have allowed a\ncomprehensive solution for the Zip file format vulnerability to be\nprovided to protect customers. \n\nThe latest update for the current 4320 McAfee Anti-Virus Engine DATS\ndrivers (Version 4398 released on Oct 13th 2004) further enhances the\nprotection afforded to McAfee customers against such potential exploits. \n\nA DATS Driver update issued in Version 4397 (October 6th 2004) provided\nearly protection for the same potential exploit targeted specifically\nfor Gateway and Command line scanning. \n\nIf a detection of this type of exploit is found it will trigger the\nmessage \"Found the Exploit-Zip Trojan!\" to be displayed. \n\nUpdates for the DAT files mentioned above can be located at the\nfollowing links:\n\nHome (Retail) Users:\nhttp://download.mcafee.com/uk/updates/updates.asp\n\nBusiness (Enterprise) Users:\nhttp://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1\n\nIt should be noted that whilst McAfee take the potential for this\nexploit to be used maliciously seriously, to date no evidence of such an\nexploit has been discovered. McAfee has provided additional protection\nthrough the DATS driver update however with usage of the comprehensive\nsuite of anti-virus protection strategies provided by McAfee products,\nMacAfee are confident that this exploit presented no additional threat\nto its customers. \n\nIt should be noted that with McAfee on-access scanning active, such\nmodification for malicious purposes to hide payloads only delays\neventual detection - McAfee on-access detection will detect any payload\nwith malicious intent as malware. \n\nMcAfee continues to focus on ensuring that customers receive maximum\nprotection and provide a rapid response to all potential vulnerabilities\nthus ensuring customer satisfaction.\"\n\nComputer Associates\n\"With the assistance of iDEFENSE, Computer Associates has identified a\nmedium-risk vulnerability in a shared component of eTrust Antivirus\nwhich may allow a specially crafted .ZIP file to bypass virus detection. \nA number of CA products embed this technology including solutions from\neTrust, Brightstor and others. \n\nCustomers are encouraged to visit the CA support web site below for more\ninformation about this vulnerability, a list of products and platforms\nthat are effected, and remediation procedures. \nhttp://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp. \n\nAt Computer Associates, every reported exposure is handled with the\nutmost urgency. We strive to ensure that no customer is left in a\nvulnerable situation.\"\n\nKaspersky\n(09/24/2004)\n\"...this bug for scanners based on 3.x-4.x engines will be fixed in next\n(not current) cumulative update. \n\nFor scanners based on new 5.0 engine we recommend you waiting for the\nrelease of our next maintenance pack. We are going to release it in\nOctober.\"\n\nSophos\n\"A vulnerability has been discovered in Sophos\u0027s handling of Zip archive\nfiles, whereby a Zip file can be deliberately altered to prevent\naccurate scanning by Sophos anti-virus products of its contents. \n\nAlthough theoretically a risk, Sophos has not seen any examples of\nmalware attempting to employ this vulnerability. \n\nFurthermore, The vulnerability does not prevent Sophos\u0027s desktop\non-access scanner from correctly detecting viruses (and preventing\nactual infection) which manage to bypass the email gateway software, so\nthe risks of infection are very small. \n\nSophos has enhanced its scan engine to deal with malformed Zip files. \nVersion 3.87.0 of Sophos Anti-Virus on all operating system platforms\nexcept Windows 95/98/Me includes this fix and customers will be\nautomatically updated to this version via EM Library from Wednesday 20\nOctober 2004.  Additionally, a version of the software will be available\nfor download from the Sophos website from Friday 22 October 2004. \n\nSophos Anti-Virus for Windows 95/98/Me customers will be updated with\nthe fix from version 3.88.0 (available from 24 November 2004). \n\nSophos thanks iDEFENSE for their assistance in identifying this\nvulnerability.\"\n\nEset\n\"The vulnerability was caused by the fact that some archive\ncompression/decompression software (including Winzip) incorrectly\nhandles compressed files with deliberately damaged header fields, thus,\nin-fact, allowing creation of the damaged archive files, that could be\nautomatically repaired on the victims computer without notifying the\nuser. \n\nEset has made appropriate modifications to archive-scanning code to\nhandle such kind of archives immediately after receiving notification\nfrom iDEFENSE. These changes are contained in archive-support module\nversion 1.020, released on 16th September 2004 at 21:00 CET. The update\nwas available for all clients with Automatic Virus-Signatures Update\nset.\"\n\nRAV\nNo vendor response\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nfollowing names to these issues:\n\nCAN-2004-0932 - McAfee\nCAN-2004-0933 - Computer Associates\nCAN-2004-0934 - Kaspersky\nCAN-2004-0937 - Sophos\nCAN-2004-0935 - Eset\nCAN-2004-0936 - RAV\n\nThese are candidates for inclusion in the CVE list\n(http://cve.mitre.org), which standardizes names for security problems. \n\nVIII. DISCLOSURE TIMELINE\n\n09/16/2004  Initial vendor notification\n09/16/2004  iDEFENSE clients notified\n10/18/2004  Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nX. LEGAL NOTICES\n\nCopyright \u00a9 2004 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9364"
          },
          {
            "db": "PACKETSTORM",
            "id": "34757"
          }
        ],
        "trust": 2.07
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-9364",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9364"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818",
            "trust": 2.5
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0934",
            "trust": 2.1
          },
          {
            "db": "BID",
            "id": "11448",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "34757",
            "trust": 0.2
          },
          {
            "db": "EXPLOIT-DB",
            "id": "629",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-9364",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9364"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "PACKETSTORM",
            "id": "34757"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "id": "VAR-200501-0310",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9364"
          }
        ],
        "trust": 0.725
      },
      "last_update_date": "2023-12-18T12:40:28.981000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Kaspersky zip Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146861"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/11448"
          },
          {
            "trust": 1.7,
            "url": "http://www.kb.cert.org/vuls/id/968818"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
          },
          {
            "trust": 1.6,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "trust": 0.8,
            "url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
          },
          {
            "trust": 0.8,
            "url": "http://rt.cpan.org/noauth/bug.html?id=8077"
          },
          {
            "trust": 0.8,
            "url": "http://www.idefense.com/application/poi/display?id=153"
          },
          {
            "trust": 0.4,
            "url": "http://download.mcafee.com/uk/updates/updates.asp"
          },
          {
            "trust": 0.3,
            "url": "http://www.nod32.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kaspersky.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ravantivirus.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.sophos.com/"
          },
          {
            "trust": 0.3,
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/378660"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0934"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/poi/teams/vcp.jsp"
          },
          {
            "trust": 0.1,
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp."
          },
          {
            "trust": 0.1,
            "url": "http://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org),"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9364"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "PACKETSTORM",
            "id": "34757"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9364"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "PACKETSTORM",
            "id": "34757"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2004-12-10T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2005-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9364"
          },
          {
            "date": "2004-10-18T00:00:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2004-10-26T03:28:25",
            "db": "PACKETSTORM",
            "id": "34757"
          },
          {
            "date": "2005-01-27T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "date": "2004-10-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-01-14T00:00:00",
            "db": "CERT/CC",
            "id": "VU#968818"
          },
          {
            "date": "2017-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9364"
          },
          {
            "date": "2009-07-12T08:06:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2021-04-09T17:00:09.303000",
            "db": "NVD",
            "id": "CVE-2004-0934"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Anti-virus software may not properly scan malformed zip archives",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#968818"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-310"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-200501-0297

    Vulnerability from variot - Updated: 2023-12-18 12:40

    McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-200501-0297",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "small business suite",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "1.0"
          },
          {
            "model": "puremessage anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "4.6"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.86"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.85"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.84"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.83"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.82"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.81"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.80"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.79"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "sophos",
            "version": "3.4.6"
          },
          {
            "model": "antivirus engine",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "mcafee",
            "version": "4.3.20"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "gentoo",
            "version": "1.4"
          },
          {
            "model": "mandrake linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mandrakesoft",
            "version": "10.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.1"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.12"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.0"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.0"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.13"
          },
          {
            "model": "etrust secure content manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "1.0"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.5"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "ca",
            "version": "7.0_sp2"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "eset",
            "version": "1.0.11"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "for mail servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.4.2"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "1.4.5"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.0"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "4.0"
          },
          {
            "model": "brightstor arcserve backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "11.1"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "5.0"
          },
          {
            "model": "for file servers",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "1.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "gentoo",
            "version": "*"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.4"
          },
          {
            "model": "desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "rav antivirus",
            "version": "8.6"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "suse",
            "version": "9.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "kaspersky lab",
            "version": "3.0"
          },
          {
            "model": "etrust antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.1"
          },
          {
            "model": "etrust antivirus gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "7.0"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "6.1"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "broadcom",
            "version": "2.3"
          },
          {
            "model": "anti-virus",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "3.78d"
          },
          {
            "model": "archive zip",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "1.4.1.13"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "6.1"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "6.2"
          },
          {
            "model": "etrust ez antivirus",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "6.3"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "1.4.5"
          },
          {
            "model": "etrust intrusion detection",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "1.5"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "2.0"
          },
          {
            "model": "inoculateit",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "6.0"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "2.4"
          },
          {
            "model": "etrust ez armor",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "ca",
            "version": "2.3"
          },
          {
            "model": "anti-virus d",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "sophos",
            "version": "3.78"
          },
          {
            "model": "linux personal",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "9.2"
          },
          {
            "model": "antivirus rav antivirus for mail servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.4.2"
          },
          {
            "model": "antivirus rav antivirus for file servers",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "1.0"
          },
          {
            "model": "antivirus rav antivirus desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "rav",
            "version": "8.6"
          },
          {
            "model": "linux mandrake x86 64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "linux mandrake",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "mandriva",
            "version": "10.1"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "5.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "4.0"
          },
          {
            "model": "labs antivirus scanning engine",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "kaspersky",
            "version": "3.0"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.013"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.012"
          },
          {
            "model": "nod32 antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "eset",
            "version": "1.011"
          },
          {
            "model": "associates inoculateit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.1"
          },
          {
            "model": "associates etrust secure content manager sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust secure content manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.0"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.5"
          },
          {
            "model": "associates etrust intrusion detection",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "1.4.1.13"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.4"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.3"
          },
          {
            "model": "associates etrust ez armor",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "2.0"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.3"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.2"
          },
          {
            "model": "associates etrust ez antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "6.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus for the gateway",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.1"
          },
          {
            "model": "associates etrust antivirus sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates etrust antivirus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "7.0"
          },
          {
            "model": "associates brightstor arcserve backup for windows",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "computer",
            "version": "11.1"
          },
          {
            "model": "archive::zip",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.13"
          },
          {
            "model": "archive::zip",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "archive zip",
            "version": "1.14"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2004-0932",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": true,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-9362",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2004-0932",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-200501-286",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-9362",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9362"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability.  This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user.  The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security.  If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "VULHUB",
            "id": "VHN-9362"
          }
        ],
        "trust": 1.26
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-9362",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9362"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "11448",
            "trust": 2.0
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0932",
            "trust": 2.0
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "35055",
            "trust": 0.1
          },
          {
            "db": "EXPLOIT-DB",
            "id": "629",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-9362",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9362"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "id": "VAR-200501-0297",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9362"
          }
        ],
        "trust": 0.725
      },
      "last_update_date": "2023-12-18T12:40:28.954000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "McAfee AntiVirus zip Security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146864"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "NVD-CWE-Other",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "http://www.securityfocus.com/bid/11448"
          },
          {
            "trust": 1.7,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
          },
          {
            "trust": 1.6,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
          },
          {
            "trust": 0.3,
            "url": "http://download.mcafee.com/uk/updates/updates.asp"
          },
          {
            "trust": 0.3,
            "url": "http://www.nod32.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.kaspersky.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.ravantivirus.com/"
          },
          {
            "trust": 0.3,
            "url": "http://www.sophos.com/"
          },
          {
            "trust": 0.3,
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
          },
          {
            "trust": 0.3,
            "url": "/archive/1/378660"
          },
          {
            "trust": 0.1,
            "url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-9362"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-9362"
          },
          {
            "db": "BID",
            "id": "11448"
          },
          {
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2005-01-27T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9362"
          },
          {
            "date": "2004-10-18T00:00:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2005-01-27T05:00:00",
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "date": "2004-10-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-07-11T00:00:00",
            "db": "VULHUB",
            "id": "VHN-9362"
          },
          {
            "date": "2009-07-12T08:06:00",
            "db": "BID",
            "id": "11448"
          },
          {
            "date": "2021-04-09T17:00:09.303000",
            "db": "NVD",
            "id": "CVE-2004-0932"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "McAfee AntiVirus zip Security hole",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ],
        "trust": 0.6
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "other",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-200501-286"
          }
        ],
        "trust": 0.6
      }
    }