CVE-2004-0936
CVE-2004-0936 is a high-severity vulnerability in Archive Zip with a CVSS 2.0 base score of 7.5. Its EPSS exploit-prediction score of 15% places it in the 96th percentile, indicating an elevated likelihood of exploitation.
Key facts
- Severity: High (CVSS 2.0 base score 7.5)
- EPSS exploit prediction: 15% (96th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Archive Zip
- Published:
- Last modified:
Description
RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
Frequently asked questions
- What is CVE-2004-0936?
- RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
- How severe is CVE-2004-0936?
- CVE-2004-0936 has a CVSS 2.0 base score of 7.5, rated high severity.
- Is CVE-2004-0936 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 15% (96th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2004-0936?
- CVE-2004-0936 primarily affects Archive Zip. In total, 48 product configurations (CPEs) are listed as vulnerable; see the affected-products list for the exact versions.
- How do I fix CVE-2004-0936?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its high severity, prioritise patching exposed systems.
- When was CVE-2004-0936 published?
- CVE-2004-0936 was published on 2005-01-27 and last updated on 2026-06-16.
References
- http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true
- http://www.kb.cert.org/vuls/id/968818
- http://www.securityfocus.com/bid/11448
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17761
Affected products (48)
- cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*
- cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*
- cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*
- cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*
- cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*
More vulnerabilities in Archive Zip
- CVE-2004-0937 — High (CVSS 7.5): Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote…
- CVE-2004-0933 — High (CVSS 7.5): Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and…
- CVE-2004-0934 — High (CVSS 7.5): Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and…
- CVE-2004-0932 — High (CVSS 7.5): McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th…
- CVE-2004-0935 — High (CVSS 7.5): Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a…