Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
83 vulnerabilities by Kaspersky Lab
VAR-200707-0291
Vulnerability from variot - Updated: 2023-12-18 13:30Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow attackers to cause a denial of service (kernel hang) via unspecified vectors. NOTE: it is not clear whether there is an attacker role. Kaspersky Anti-Virus 5.5 for Check Point Firewall-1 is prone to a denial-of-service vulnerability. Further details are currently unavailable. This issue affects Kaspersky Anti-Virus 5.5 for Check Point Firewall-1.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.
SOLUTION: Apply Critical Fix-1 (Build 5.5.161.0). http://www.kaspersky.com/productupdates?chapter=146274607
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://support.kaspersky.com/checkpoint?qid=208279464
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus 5.5 for check point firewall-",
"scope": "lte",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.5.145.0"
},
{
"model": "anti-virus 5.5 for check point firewall-",
"scope": "lt",
"trust": 0.8,
"vendor": "kaspersky",
"version": "critical fix 1 (5.5.161.0) 1"
},
{
"model": "anti-virus 5.5 for check point firewall-",
"scope": "eq",
"trust": 0.6,
"vendor": "kaspersky lab",
"version": "5.5.145.0"
},
{
"model": "anti-virus for check point firewall-1",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.5"
},
{
"model": "anti-virus for check point firewall-1 5.5.build",
"scope": "ne",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.55.5.161.0"
}
],
"sources": [
{
"db": "BID",
"id": "24932"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_5.5_for_check_point_firewall-:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.5.145.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3906"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor released information regarding this issue.",
"sources": [
{
"db": "BID",
"id": "24932"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
],
"trust": 0.9
},
"cve": "CVE-2007-3906",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-3906",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-27268",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-3906",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200707-372",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-27268",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27268"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow attackers to cause a denial of service (kernel hang) via unspecified vectors. NOTE: it is not clear whether there is an attacker role. Kaspersky Anti-Virus 5.5 for Check Point Firewall-1 is prone to a denial-of-service vulnerability. Further details are currently unavailable. \nThis issue affects Kaspersky Anti-Virus 5.5 for Check Point Firewall-1. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\nSOLUTION:\nApply Critical Fix-1 (Build 5.5.161.0). \nhttp://www.kaspersky.com/productupdates?chapter=146274607\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://support.kaspersky.com/checkpoint?qid=208279464\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"db": "BID",
"id": "24932"
},
{
"db": "VULHUB",
"id": "VHN-27268"
},
{
"db": "PACKETSTORM",
"id": "57792"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3906",
"trust": 2.8
},
{
"db": "BID",
"id": "24932",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26064",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-2561",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "36127",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004149",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372",
"trust": 0.7
},
{
"db": "XF",
"id": "35454",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-27268",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57792",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27268"
},
{
"db": "BID",
"id": "24932"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"db": "PACKETSTORM",
"id": "57792"
},
{
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
]
},
"id": "VAR-200707-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-27268"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:30:37.923000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "208279464",
"trust": 0.8,
"url": "http://support.kaspersky.com/checkpoint?qid=208279464"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-004149"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3906"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://support.kaspersky.com/checkpoint?qid=208279464"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/24932"
},
{
"trust": 1.7,
"url": "http://osvdb.org/36127"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26064"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/2561"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35454"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3906"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3906"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2561"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/35454"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14799/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26064/"
},
{
"trust": 0.1,
"url": "http://www.kaspersky.com/productupdates?chapter=146274607"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27268"
},
{
"db": "BID",
"id": "24932"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"db": "PACKETSTORM",
"id": "57792"
},
{
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-27268"
},
{
"db": "BID",
"id": "24932"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"db": "PACKETSTORM",
"id": "57792"
},
{
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-19T00:00:00",
"db": "VULHUB",
"id": "VHN-27268"
},
{
"date": "2007-07-12T00:00:00",
"db": "BID",
"id": "24932"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"date": "2007-07-18T03:40:34",
"db": "PACKETSTORM",
"id": "57792"
},
{
"date": "2007-07-19T17:30:00",
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"date": "2007-07-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-27268"
},
{
"date": "2015-05-07T17:36:00",
"db": "BID",
"id": "24932"
},
{
"date": "2012-09-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-004149"
},
{
"date": "2017-07-29T01:32:36.787000",
"db": "NVD",
"id": "CVE-2007-3906"
},
{
"date": "2007-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kaspersky Anti-Virus 5.5 for Check Point Firewall-1 Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "24932"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-372"
}
],
"trust": 0.6
}
}
VAR-200501-0309
Vulnerability from variot - Updated: 2023-12-18 12:40Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.6,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0933",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9363",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0933",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-311",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9363",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9363"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9363",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0933",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9363",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"id": "VAR-200501-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.156000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple antivirus software Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146860"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9363"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9363"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": " Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
}
}
VAR-200501-0012
Vulnerability from variot - Updated: 2023-12-18 12:40RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0012",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0936",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9366",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0936",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-300",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9366",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9366"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9366",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9366"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0936",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9366",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"id": "VAR-200501-0012",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9366"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.128000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RAV AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146862"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9366"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9366"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
}
}
VAR-200501-0311
Vulnerability from variot - Updated: 2023-12-18 12:40Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Eset Anti-Virus is an anti-virus software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.0"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0935"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0935",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9365",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0935",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-297",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9365",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Eset Anti-Virus is an anti-virus software",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9365"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9365",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9365"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-0935",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9365",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"id": "VAR-200501-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9365"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.100000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Eset AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146863"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0935"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9365"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9365"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
],
"trust": 0.6
}
}
VAR-200501-0243
Vulnerability from variot - Updated: 2023-12-18 12:40Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.82"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cpan",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"cve": "CVE-2004-1096",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9526",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1096",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#492545",
"trust": 0.8,
"value": "3.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-061",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9526",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9526",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9526"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#492545",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "13038",
"trust": 1.7
},
{
"db": "BID",
"id": "11448",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2004-1096",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9526",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"id": "VAR-200501-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9526"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.045000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Archive::Zip AntiVirus Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146865"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"trust": 1.7,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:118"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13038/"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-12T00:00:00",
"db": "CERT/CC",
"id": "VU#492545"
},
{
"date": "2005-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-9526"
},
{
"date": "2005-01-10T05:00:00",
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"date": "2005-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#492545"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9526"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Archive::Zip may not properly parse the file sizes of Zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
],
"trust": 0.6
}
}
VAR-200502-0003
Vulnerability from variot - Updated: 2023-12-18 12:40Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors' software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200502-0003",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9367",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200502-042",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9367",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors\u0027 software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9367"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9367",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9367"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0937",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9367",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"id": "VAR-200502-0003",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9367"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.016000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Many anti-virus vendors software Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146859"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-9367"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-02-09T05:00:00",
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9367"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
}
}
VAR-200501-0310
Vulnerability from variot - Updated: 2023-12-18 12:40Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Kaspersky is a well-known antivirus software. Kaspersky 3.x and 4.x versions have issues when processing .zip files, resulting in a vulnerability to bypass antivirus checks.
II. DESCRIPTION
Remote exploitation of an exceptional condition error in multiple vendors' anti-virus software allows attackers to bypass security protections by evading virus detection. The .zip file format stores information about compressed files in two locations - a local header and a global header. The local header exists just before the compressed data of each file, and the global header exists at the end of the .zip archive. It is possible to modify the uncompressed size of archived files in both the local and global header without affecting functionality. This has been confirmed with both WinZip and Microsoft Compressed Folders. An attacker can compress a malicious payload and evade detection by some anti-virus software by modifying the uncompressed size within the local and global headers to zero.
III. ANALYSIS
Successful exploitation allows remote attackers to pass malicious payloads within a compressed archive to a target without being detected. Most anti-virus engines have the ability to scan content packaged with compressed archives. As such, users with up-to-date anti-virus software are more likely to open attachments and files if they are under the false impression that the archive was already scanned and found to not contain a virus.
IV. The Vendor Responses section of this advisory contains details on the status of specific vendor fixes for this issue.
V. WORKAROUND
Filter all compressed file archives (.zip) at border gateways, regardless of content.
VI. VENDOR RESPONSES
McAfee "The McAfee scan engine has always been a market leader in detection of viruses, worms and Trojans within compressed and archived file formats. As such the mechanism used for the detection of such payloads has been designed to ensure all archive files are thoroughly scanned at each nested level in the file to ensure that all appropriate parts of the file are scanned.
McAfee is aware of a proof of concept exploitation in Zip archive payloads where information in the local header part of the archive is modified.
The local header exists just before the compressed data of each file. It is possible to modify the uncompressed size of archived files in the local header without affecting functionality. Consequently there is the potential for a malicious payload to be hidden and avoid anti-virus detection by modifying the uncompressed size within the local headers to zero.
The techniques used by McAfee to analyze Zip archives have allowed a comprehensive solution for the Zip file format vulnerability to be provided to protect customers.
The latest update for the current 4320 McAfee Anti-Virus Engine DATS drivers (Version 4398 released on Oct 13th 2004) further enhances the protection afforded to McAfee customers against such potential exploits.
A DATS Driver update issued in Version 4397 (October 6th 2004) provided early protection for the same potential exploit targeted specifically for Gateway and Command line scanning.
If a detection of this type of exploit is found it will trigger the message "Found the Exploit-Zip Trojan!" to be displayed.
Updates for the DAT files mentioned above can be located at the following links:
Home (Retail) Users: http://download.mcafee.com/uk/updates/updates.asp
Business (Enterprise) Users: http://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1
It should be noted that whilst McAfee take the potential for this exploit to be used maliciously seriously, to date no evidence of such an exploit has been discovered. McAfee has provided additional protection through the DATS driver update however with usage of the comprehensive suite of anti-virus protection strategies provided by McAfee products, MacAfee are confident that this exploit presented no additional threat to its customers.
It should be noted that with McAfee on-access scanning active, such modification for malicious purposes to hide payloads only delays eventual detection - McAfee on-access detection will detect any payload with malicious intent as malware.
McAfee continues to focus on ensuring that customers receive maximum protection and provide a rapid response to all potential vulnerabilities thus ensuring customer satisfaction."
Computer Associates "With the assistance of iDEFENSE, Computer Associates has identified a medium-risk vulnerability in a shared component of eTrust Antivirus which may allow a specially crafted .ZIP file to bypass virus detection. A number of CA products embed this technology including solutions from eTrust, Brightstor and others.
Customers are encouraged to visit the CA support web site below for more information about this vulnerability, a list of products and platforms that are effected, and remediation procedures. http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp.
At Computer Associates, every reported exposure is handled with the utmost urgency. We strive to ensure that no customer is left in a vulnerable situation."
Kaspersky (09/24/2004) "...this bug for scanners based on 3.x-4.x engines will be fixed in next (not current) cumulative update.
For scanners based on new 5.0 engine we recommend you waiting for the release of our next maintenance pack. We are going to release it in October."
Sophos "A vulnerability has been discovered in Sophos's handling of Zip archive files, whereby a Zip file can be deliberately altered to prevent accurate scanning by Sophos anti-virus products of its contents.
Although theoretically a risk, Sophos has not seen any examples of malware attempting to employ this vulnerability.
Furthermore, The vulnerability does not prevent Sophos's desktop on-access scanner from correctly detecting viruses (and preventing actual infection) which manage to bypass the email gateway software, so the risks of infection are very small.
Sophos has enhanced its scan engine to deal with malformed Zip files. Version 3.87.0 of Sophos Anti-Virus on all operating system platforms except Windows 95/98/Me includes this fix and customers will be automatically updated to this version via EM Library from Wednesday 20 October 2004. Additionally, a version of the software will be available for download from the Sophos website from Friday 22 October 2004.
Sophos Anti-Virus for Windows 95/98/Me customers will be updated with the fix from version 3.88.0 (available from 24 November 2004).
Sophos thanks iDEFENSE for their assistance in identifying this vulnerability."
Eset "The vulnerability was caused by the fact that some archive compression/decompression software (including Winzip) incorrectly handles compressed files with deliberately damaged header fields, thus, in-fact, allowing creation of the damaged archive files, that could be automatically repaired on the victims computer without notifying the user.
Eset has made appropriate modifications to archive-scanning code to handle such kind of archives immediately after receiving notification from iDEFENSE. These changes are contained in archive-support module version 1.020, released on 16th September 2004 at 21:00 CET. The update was available for all clients with Automatic Virus-Signatures Update set."
RAV No vendor response
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues:
CAN-2004-0932 - McAfee CAN-2004-0933 - Computer Associates CAN-2004-0934 - Kaspersky CAN-2004-0937 - Sophos CAN-2004-0935 - Eset CAN-2004-0936 - RAV
These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
09/16/2004 Initial vendor notification 09/16/2004 iDEFENSE clients notified 10/18/2004 Coordinated public disclosure
IX. CREDIT
The discoverer of this vulnerability wishes to remain anonymous.
Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp
X. LEGAL NOTICES
Copyright © 2004 iDEFENSE, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0310",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0934"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0934",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9364",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0934",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-310",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9364",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Kaspersky is a well-known antivirus software. Kaspersky 3.x and 4.x versions have issues when processing .zip files, resulting in a vulnerability to bypass antivirus checks. \n\nII. DESCRIPTION\n\nRemote exploitation of an exceptional condition error in multiple\nvendors\u0027 anti-virus software allows attackers to bypass security\nprotections by evading virus detection. \nThe .zip file format stores information about compressed files in two\nlocations - a local header and a global header. The local header exists\njust before the compressed data of each file, and the global header\nexists at the end of the .zip archive. It is possible to modify the\nuncompressed size of archived files in both the local and global header\nwithout affecting functionality. This has been confirmed with both\nWinZip and Microsoft Compressed Folders. An attacker can compress a\nmalicious payload and evade detection by some anti-virus software by\nmodifying the uncompressed size within the local and global headers to\nzero. \n\nIII. ANALYSIS\n\nSuccessful exploitation allows remote attackers to pass malicious\npayloads within a compressed archive to a target without being detected. \nMost anti-virus engines have the ability to scan content packaged with\ncompressed archives. As such, users with up-to-date anti-virus software\nare more likely to open attachments and files if they are under the\nfalse impression that the archive was already scanned and found to not\ncontain a virus. \n\nIV. The Vendor Responses section of this\nadvisory contains details on the status of specific vendor fixes for\nthis issue. \n\nV. WORKAROUND\n\nFilter all compressed file archives (.zip) at border gateways,\nregardless of content. \n\nVI. VENDOR RESPONSES\n\nMcAfee\n\"The McAfee scan engine has always been a market leader in detection of\nviruses, worms and Trojans within compressed and archived file formats. \nAs such the mechanism used for the detection of such payloads has been\ndesigned to ensure all archive files are thoroughly scanned at each\nnested level in the file to ensure that all appropriate parts of the\nfile are scanned. \n\nMcAfee is aware of a proof of concept exploitation in Zip archive\npayloads where information in the local header part of the archive is\nmodified. \n\nThe local header exists just before the compressed data of each file. It\nis possible to modify the uncompressed size of archived files in the\nlocal header without affecting functionality. Consequently there is the\npotential for a malicious payload to be hidden and avoid anti-virus\ndetection by modifying the uncompressed size within the local headers to\nzero. \n\nThe techniques used by McAfee to analyze Zip archives have allowed a\ncomprehensive solution for the Zip file format vulnerability to be\nprovided to protect customers. \n\nThe latest update for the current 4320 McAfee Anti-Virus Engine DATS\ndrivers (Version 4398 released on Oct 13th 2004) further enhances the\nprotection afforded to McAfee customers against such potential exploits. \n\nA DATS Driver update issued in Version 4397 (October 6th 2004) provided\nearly protection for the same potential exploit targeted specifically\nfor Gateway and Command line scanning. \n\nIf a detection of this type of exploit is found it will trigger the\nmessage \"Found the Exploit-Zip Trojan!\" to be displayed. \n\nUpdates for the DAT files mentioned above can be located at the\nfollowing links:\n\nHome (Retail) Users:\nhttp://download.mcafee.com/uk/updates/updates.asp\n\nBusiness (Enterprise) Users:\nhttp://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1\n\nIt should be noted that whilst McAfee take the potential for this\nexploit to be used maliciously seriously, to date no evidence of such an\nexploit has been discovered. McAfee has provided additional protection\nthrough the DATS driver update however with usage of the comprehensive\nsuite of anti-virus protection strategies provided by McAfee products,\nMacAfee are confident that this exploit presented no additional threat\nto its customers. \n\nIt should be noted that with McAfee on-access scanning active, such\nmodification for malicious purposes to hide payloads only delays\neventual detection - McAfee on-access detection will detect any payload\nwith malicious intent as malware. \n\nMcAfee continues to focus on ensuring that customers receive maximum\nprotection and provide a rapid response to all potential vulnerabilities\nthus ensuring customer satisfaction.\"\n\nComputer Associates\n\"With the assistance of iDEFENSE, Computer Associates has identified a\nmedium-risk vulnerability in a shared component of eTrust Antivirus\nwhich may allow a specially crafted .ZIP file to bypass virus detection. \nA number of CA products embed this technology including solutions from\neTrust, Brightstor and others. \n\nCustomers are encouraged to visit the CA support web site below for more\ninformation about this vulnerability, a list of products and platforms\nthat are effected, and remediation procedures. \nhttp://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp. \n\nAt Computer Associates, every reported exposure is handled with the\nutmost urgency. We strive to ensure that no customer is left in a\nvulnerable situation.\"\n\nKaspersky\n(09/24/2004)\n\"...this bug for scanners based on 3.x-4.x engines will be fixed in next\n(not current) cumulative update. \n\nFor scanners based on new 5.0 engine we recommend you waiting for the\nrelease of our next maintenance pack. We are going to release it in\nOctober.\"\n\nSophos\n\"A vulnerability has been discovered in Sophos\u0027s handling of Zip archive\nfiles, whereby a Zip file can be deliberately altered to prevent\naccurate scanning by Sophos anti-virus products of its contents. \n\nAlthough theoretically a risk, Sophos has not seen any examples of\nmalware attempting to employ this vulnerability. \n\nFurthermore, The vulnerability does not prevent Sophos\u0027s desktop\non-access scanner from correctly detecting viruses (and preventing\nactual infection) which manage to bypass the email gateway software, so\nthe risks of infection are very small. \n\nSophos has enhanced its scan engine to deal with malformed Zip files. \nVersion 3.87.0 of Sophos Anti-Virus on all operating system platforms\nexcept Windows 95/98/Me includes this fix and customers will be\nautomatically updated to this version via EM Library from Wednesday 20\nOctober 2004. Additionally, a version of the software will be available\nfor download from the Sophos website from Friday 22 October 2004. \n\nSophos Anti-Virus for Windows 95/98/Me customers will be updated with\nthe fix from version 3.88.0 (available from 24 November 2004). \n\nSophos thanks iDEFENSE for their assistance in identifying this\nvulnerability.\"\n\nEset\n\"The vulnerability was caused by the fact that some archive\ncompression/decompression software (including Winzip) incorrectly\nhandles compressed files with deliberately damaged header fields, thus,\nin-fact, allowing creation of the damaged archive files, that could be\nautomatically repaired on the victims computer without notifying the\nuser. \n\nEset has made appropriate modifications to archive-scanning code to\nhandle such kind of archives immediately after receiving notification\nfrom iDEFENSE. These changes are contained in archive-support module\nversion 1.020, released on 16th September 2004 at 21:00 CET. The update\nwas available for all clients with Automatic Virus-Signatures Update\nset.\"\n\nRAV\nNo vendor response\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nfollowing names to these issues:\n\nCAN-2004-0932 - McAfee\nCAN-2004-0933 - Computer Associates\nCAN-2004-0934 - Kaspersky\nCAN-2004-0937 - Sophos\nCAN-2004-0935 - Eset\nCAN-2004-0936 - RAV\n\nThese are candidates for inclusion in the CVE list\n(http://cve.mitre.org), which standardizes names for security problems. \n\nVIII. DISCLOSURE TIMELINE\n\n09/16/2004 Initial vendor notification\n09/16/2004 iDEFENSE clients notified\n10/18/2004 Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nX. LEGAL NOTICES\n\nCopyright \u00a9 2004 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "PACKETSTORM",
"id": "34757"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9364",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9364"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0934",
"trust": 2.1
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "34757",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9364",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "PACKETSTORM",
"id": "34757"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"id": "VAR-200501-0310",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9364"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:28.981000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Kaspersky zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146861"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0934"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.4,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0934"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp."
},
{
"trust": 0.1,
"url": "http://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "PACKETSTORM",
"id": "34757"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "PACKETSTORM",
"id": "34757"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9364"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2004-10-26T03:28:25",
"db": "PACKETSTORM",
"id": "34757"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9364"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
],
"trust": 0.6
}
}
VAR-200501-0297
Vulnerability from variot - Updated: 2023-12-18 12:40McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.4.1.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.3"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.4.5"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.5"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.0"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.0"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.3"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9362",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0932",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-286",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9362",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9362"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9362",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-0932",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "35055",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9362",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"id": "VAR-200501-0297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:28.954000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "McAfee AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146864"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9362"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9362"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee AntiVirus zip Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
}
}
VAR-200511-0109
Vulnerability from variot - Updated: 2023-12-18 11:14Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file. On Microsoft platforms, the affected software cannot execute arbitrary code, but prevents Kaspersky Anti-Virus from scanning any files, thus potentially allowing later malicious code to reach its target.
For more information: SA17130
The vulnerability has been reported in version 4.50. Prior versions may also be affected.
TITLE: Kaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow
SECUNIA ADVISORY ID: SA17130
VERIFY ADVISORY: http://secunia.com/advisories/17130/
CRITICAL: Highly critical
IMPACT: DoS, System access
WHERE:
From remote
SOFTWARE: Kaspersky Anti-Virus 5.x http://secunia.com/product/2781/
DESCRIPTION: A vulnerability has been reported in Kaspersky Anti-Virus, which can be exploited by malicious people to cause a DoS (Denial of Service), or compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the scan engine when parsing a malformed CHM file. This can be exploited to cause a heap-based buffer overflow when a specially crafted CHM file is scanned. On Windows platforms, the anti-virus may fail to scan any other files after a malformed CHM file has been encountered.
SOLUTION: The vulnerability has reportedly been fixed via a signature update after July 2005.
PROVIDED AND/OR DISCOVERED BY: Discovered by anonymous person and reported via iDEFENSE.
ORIGINAL ADVISORY: iDEFENSE: http://www.idefense.com/application/poi/display?id=318&type=vulnerabilities
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200511-0109",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus personal",
"scope": "eq",
"trust": 1.6,
"vendor": "kaspersky lab",
"version": "5.0.227"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.6,
"vendor": "kaspersky lab",
"version": "5.0.5"
},
{
"model": "f-secure anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "f secure",
"version": "4.50"
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0.5:*:linux_workstations:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus_personal:5.0.227:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3664"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
],
"trust": 0.6
},
"cve": "CVE-2005-3664",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-14872",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-3664",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200511-258",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-14872",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14872"
},
{
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file. On Microsoft platforms, the affected software cannot execute arbitrary code, but prevents Kaspersky Anti-Virus from scanning any files, thus potentially allowing later malicious code to reach its target. \n\nFor more information:\nSA17130\n\nThe vulnerability has been reported in version 4.50. Prior versions\nmay also be affected. \n\nTITLE:\nKaspersky Anti-Virus Engine CHM File Parsing Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA17130\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17130/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nKaspersky Anti-Virus 5.x\nhttp://secunia.com/product/2781/\n\nDESCRIPTION:\nA vulnerability has been reported in Kaspersky Anti-Virus, which can\nbe exploited by malicious people to cause a DoS (Denial of Service),\nor compromise a vulnerable system. \n\nThe vulnerability is caused due to a boundary error in the scan\nengine when parsing a malformed CHM file. This can be exploited to\ncause a heap-based buffer overflow when a specially crafted CHM file\nis scanned. On Windows platforms, the anti-virus may fail to scan any\nother files after a malformed CHM file has been encountered. \n\nSOLUTION:\nThe vulnerability has reportedly been fixed via a signature update\nafter July 2005. \n\nPROVIDED AND/OR DISCOVERED BY:\nDiscovered by anonymous person and reported via iDEFENSE. \n\nORIGINAL ADVISORY:\niDEFENSE:\nhttp://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"db": "VULHUB",
"id": "VHN-14872"
},
{
"db": "PACKETSTORM",
"id": "40601"
},
{
"db": "PACKETSTORM",
"id": "40600"
}
],
"trust": 1.17
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "17130",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "17144",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "19912",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "19913",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2005-3664",
"trust": 1.7
},
{
"db": "BID",
"id": "15054",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200511-258",
"trust": 0.7
},
{
"db": "IDEFENSE",
"id": "20051010 KASPERSKY ANTI-VIRUS ENGINE CHM FILE PARSER BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "XF",
"id": "22564",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-14872",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "40601",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "40600",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14872"
},
{
"db": "PACKETSTORM",
"id": "40601"
},
{
"db": "PACKETSTORM",
"id": "40600"
},
{
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
]
},
"id": "VAR-200511-0109",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14872"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:14:14.344000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3664"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.idefense.com/application/poi/display?id=318\u0026type=vulnerabilities"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/15054"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/19912"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/19913"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/17130"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/17144"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22564"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/22564"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/17130/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=318\u0026amp;type=vulnerabilities"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3165/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/17144/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2781/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14872"
},
{
"db": "PACKETSTORM",
"id": "40601"
},
{
"db": "PACKETSTORM",
"id": "40600"
},
{
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-14872"
},
{
"db": "PACKETSTORM",
"id": "40601"
},
{
"db": "PACKETSTORM",
"id": "40600"
},
{
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-18T00:00:00",
"db": "VULHUB",
"id": "VHN-14872"
},
{
"date": "2005-10-11T23:51:24",
"db": "PACKETSTORM",
"id": "40601"
},
{
"date": "2005-10-11T23:51:24",
"db": "PACKETSTORM",
"id": "40600"
},
{
"date": "2005-11-18T06:04:00",
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"date": "2005-10-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-14872"
},
{
"date": "2017-07-11T01:33:16.503000",
"db": "NVD",
"id": "CVE-2005-3664"
},
{
"date": "2006-03-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kaspersky Antivirus engine CHM File parser remote overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-258"
}
],
"trust": 0.6
}
}
CVE-2019-8276 (GCVE-0-2019-8276)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 18:33- CWE-121 - Stack-based Buffer Overflow
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:55:54.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8276",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:33:31.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8280 (GCVE-0-2019-8280)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-17 01:40- CWE-788 - Access of Memory Location After End of Buffer
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:18:29.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8280",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:40:44.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8266 (GCVE-0-2019-8266)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 23:05- CWE-788 - Access of Memory Location After End of Buffer
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:30:20.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8266",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:05:39.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8275 (GCVE-0-2019-8275)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-17 03:12- CWE-170 - Improper Null Termination
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170: Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:15:25.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8275",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:12:37.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8270 (GCVE-0-2019-8270)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 16:34- CWE-125 - Out-of-bounds Read
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:31.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:53:21.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8270",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:34:02.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8264 (GCVE-0-2019-8264)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 19:51- CWE-788 - Access of Memory Location After End of Buffer
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T11:55:37.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8264",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:51:49.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8277 (GCVE-0-2019-8277)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-08-04 21:17- CWE-665 - multiple memory leaks (CWE-665)
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
revision 1211
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "revision 1211"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-665",
"description": "multiple memory leaks (CWE-665)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:26:17.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2019-8277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "revision 1211"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "multiple memory leaks (CWE-665)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/",
"refsource": "CONFIRM",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8277",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:17:30.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8273 (GCVE-0-2019-8273)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 23:16- CWE-122 - Heap-based Buffer Overflow
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:31.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:54:47.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8273",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:16:03.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8268 (GCVE-0-2019-8268)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-17 01:16- CWE-193 - Off-by-one Error
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-193",
"description": "CWE-193: Off-by-one Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:52:16.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-193: Off-by-one Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8268",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:16:16.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8272 (GCVE-0-2019-8272)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 16:43- CWE-193 - Off-by-one Error
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-193",
"description": "CWE-193: Off-by-one Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:54:20.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-193: Off-by-one Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8272",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:43:07.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8265 (GCVE-0-2019-8265)
Vulnerability from cvelistv5 – Published: 2019-03-09 00:00 – Updated: 2024-09-16 17:07- CWE-788 - Access of Memory Location After End of Buffer
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.842Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T11:57:30.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of SETPIXELS macro in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-012-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8265",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:07:55.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8276 (GCVE-0-2019-8276)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-16 18:33- CWE-121 - Stack-based Buffer Overflow
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:55:54.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8276",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has a stack buffer overflow vulnerability in VNC server code inside file transfer request handler, which can result in Denial of Service (DoS). This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-023-ultravnc-stack-based-buffer-overflow/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8276",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:33:31.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8280 (GCVE-0-2019-8280)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-17 01:40- CWE-788 - Access of Memory Location After End of Buffer
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:18:29.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8280",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:40:44.392Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8266 (GCVE-0-2019-8266)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-16 23:05- CWE-788 - Access of Memory Location After End of Buffer
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.554Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:30:20.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8266",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1207 has multiple out-of-bounds access vulnerabilities connected with improper usage of ClientConnection::Copybuffer function in VNC client code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. User interaction is required to trigger these vulnerabilities. These vulnerabilities have been fixed in revision 1208."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-013-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8266",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:05:39.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8275 (GCVE-0-2019-8275)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-17 03:12- CWE-170 - Improper Null Termination
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.848Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-170",
"description": "CWE-170: Improper Null Termination",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:15:25.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8275",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has multiple improper null termination vulnerabilities in VNC server code, which result in out-of-bound data being accessed by remote users. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-022-ultravnc-improper-null-termination/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8275",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T03:12:37.776Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8270 (GCVE-0-2019-8270)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-16 16:34- CWE-125 - Out-of-bounds Read
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:31.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:53:21.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC client code inside Ultra decoder, which results in a denial of service (DoS) condition. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1211."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-017-ultravnc-out-of-bounds-read/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8270",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:34:02.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8264 (GCVE-0-2019-8264)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-16 19:51- CWE-788 - Access of Memory Location After End of Buffer
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-788",
"description": "CWE-788: Access of Memory Location After End of Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T11:55:37.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8264",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside Ultra2 decoder, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-011-ultravnc-access-of-memory-location-after-end-of-buffer/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8264",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:51:49.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8277 (GCVE-0-2019-8277)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-08-04 21:17- CWE-665 - multiple memory leaks (CWE-665)
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
revision 1211
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "revision 1211"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-665",
"description": "multiple memory leaks (CWE-665)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-28T12:26:17.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"ID": "CVE-2019-8277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "revision 1211"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC server code, which allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memory and bypass ASLR. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "multiple memory leaks (CWE-665)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/",
"refsource": "CONFIRM",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-024-ultravnc-improper-initialization/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-940818.pdf"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-286838.pdf"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-131-11"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8277",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:17:30.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8273 (GCVE-0-2019-8273)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-16 23:16- CWE-122 - Heap-based Buffer Overflow
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:31.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:54:47.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC server code inside file transfer request handler, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. This vulnerability has been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-122: Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-020-ultravnc-heap-based-buffer-overflow/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8273",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:16:03.189Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8268 (GCVE-0-2019-8268)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-17 01:16- CWE-193 - Off-by-one Error
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.455Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-193",
"description": "CWE-193: Off-by-one Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:52:16.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8268",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC client code connected with improper usage of ClientConnection::ReadString function, which can potentially result code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1207."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-193: Off-by-one Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-015-ultravnc-off-by-one-error/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8268",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:16:16.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8272 (GCVE-0-2019-8272)
Vulnerability from nvd – Published: 2019-03-09 00:00 – Updated: 2024-09-16 16:43- CWE-193 - Off-by-one Error
| URL | Tags |
|---|---|
| https://ics-cert.kaspersky.com/advisories/klcert-… | x_refsource_MISC |
| https://cert-portal.siemens.com/productcert/pdf/s… | x_refsource_CONFIRM |
| https://www.us-cert.gov/ics/advisories/icsa-20-161-06 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kaspersky Lab | UltraVNC |
Affected:
1.2.2.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:30.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UltraVNC",
"vendor": "Kaspersky Lab",
"versions": [
{
"status": "affected",
"version": "1.2.2.3"
}
]
}
],
"datePublic": "2019-03-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-193",
"description": "CWE-193: Off-by-one Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-12T20:54:20.000Z",
"orgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"shortName": "Kaspersky"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnerability@kaspersky.com",
"DATE_PUBLIC": "2019-03-01T00:00:00",
"ID": "CVE-2019-8272",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UltraVNC",
"version": {
"version_data": [
{
"version_value": "1.2.2.3"
}
]
}
}
]
},
"vendor_name": "Kaspersky Lab"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC server code, which can potentially result in code execution. This attack appears to be exploitable via network connectivity. These vulnerabilities have been fixed in revision 1212."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-193: Off-by-one Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/",
"refsource": "MISC",
"url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-019-ultravnc-off-by-one-error/"
},
{
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf",
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-927095.pdf"
},
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-20-161-06"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e45d732a-8f6b-4b6b-be76-7420f6a2b988",
"assignerShortName": "Kaspersky",
"cveId": "CVE-2019-8272",
"datePublished": "2019-03-09T00:00:00.000Z",
"dateReserved": "2019-02-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:43:07.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}