Antivirus Protection Bypass in McAfee Anti-Virus Engine
CVE-2004-0932

Currently unrated

Key Information:

Vendor: Eset Software
Status: Nod32 Antivirus; Kaspersky Anti-virus; Sophos Small Business Suite; Sophos Anti-virus
Vendor: CVE Published:; 27 January 2005

🔔 Create Eset Software Vulnerability Alert

What is CVE-2004-0932?

The vulnerability allows remote attackers to circumvent the security features of the McAfee Anti-Virus Engine by exploiting a flaw in how compressed files are processed. Specifically, the issue arises from the handling of compressed files that have both local and global headers set to zero, permitting these files to be opened without proper checks against malicious content. This capability makes it easier for attackers to deliver harmful payloads without detection by antivirus measures.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/17761

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/11448

vdb-entryx_refsource_BID

http://www.idefense.com/application/poi/display?id=153&ty...

third-party-advisoryx_refsource_IDEFENSE

EPSS Score

43% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2005
Vulnerability Reserved
Oct 4, 2004

JSON