CVE-2004-0937 - Clandestine Compensation

Description

Sophos Anti-Virus before 3.87.0 and Sophos Anti-Virus for Windows 95 98 and Me before 3.88.0 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero which does not prevent the compressed file from being opened on a target system.

Reference

http://www.securityfocus.com/bid/11448 http://www.kb.cert.org/vuls/id/968818 http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true https://exchange.xforce.ibmcloud.com/vulnerabilities/17761