CVE-2004-0933

Computer Associates (CA) - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0933.

AI-analyzed exploit summary This PoC exploits a vulnerability in multiple antivirus engines (CVE-2004-0933) by corrupting ZIP file headers, causing denial-of-service or potential code execution when the file is scanned. It patches specific offsets in local and central ZIP headers to trigger the vulnerability.

Description

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Exploits (1)

exploitdb WORKING POC

clocalmultiple

https://www.exploit-db.com/exploits/629

View Code ZIP pw:eip

This PoC exploits a vulnerability in multiple antivirus engines (CVE-2004-0933) by corrupting ZIP file headers, causing denial-of-service or potential code execution when the file is scanned. It patches specific offsets in local and central ZIP headers to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Multiple antivirus engines (McAfee, Computer Associates, Kaspersky, Sophos, Eset, RAV)

No auth needed

Prerequisites: A valid ZIP file to modify

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17761

Various Sources x_refsource_confirm

http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11448

Various Sources third-party-advisory x_refsource_idefense

http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true

Scores

EPSS 0.3003

EPSS Percentile 96.8%

Details

Status published

Products (47)

archive_zip/archive_zip 1.13

broadcom/brightstor_arcserve_backup 11.1

broadcom/etrust_antivirus 7.0

broadcom/etrust_antivirus 7.1

broadcom/etrust_antivirus_gateway 7.0

broadcom/etrust_antivirus_gateway 7.1

broadcom/etrust_ez_antivirus 6.1

broadcom/etrust_ez_antivirus 6.2

broadcom/etrust_ez_antivirus 6.3

broadcom/etrust_ez_armor 2.0

... and 37 more

Published Jan 27, 2005

Tracked Since Feb 18, 2026