CVE-2004-0936

RAV Antivirus - Auth Bypass

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0936.

AI-analyzed exploit summary This PoC exploits a vulnerability in multiple antivirus engines (CVE-2004-0936) by corrupting ZIP file headers, causing denial-of-service or potential code execution when the file is scanned. It patches specific offsets in local and central ZIP headers to trigger the vulnerability.

Description

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Exploits (1)

exploitdb WORKING POC

clocalmultiple

https://www.exploit-db.com/exploits/629

View Code ZIP pw:eip

This PoC exploits a vulnerability in multiple antivirus engines (CVE-2004-0936) by corrupting ZIP file headers, causing denial-of-service or potential code execution when the file is scanned. It patches specific offsets in local and central ZIP headers to trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Multiple antivirus engines (McAfee, Computer Associates, Kaspersky, Sophos, Eset, RAV)

No auth needed

Prerequisites: A valid ZIP file to modify

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources third-party-advisory x_refsource_idefense

http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/17761

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/968818

Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/11448

Scores

EPSS 0.1320

EPSS Percentile 94.3%

Details

Status published

Products (47)

archive_zip/archive_zip 1.13

broadcom/brightstor_arcserve_backup 11.1

broadcom/etrust_antivirus 7.0

broadcom/etrust_antivirus 7.1

broadcom/etrust_antivirus_gateway 7.0

broadcom/etrust_antivirus_gateway 7.1

broadcom/etrust_ez_antivirus 6.1

broadcom/etrust_ez_antivirus 6.2

broadcom/etrust_ez_antivirus 6.3

broadcom/etrust_ez_armor 2.0

... and 37 more

Published Jan 27, 2005

Tracked Since Feb 18, 2026