CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
88.8%
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | libarchive-zip-perl | < 1.14-1 | libarchive-zip-perl_1.14-1_all.deb |
Debian | 11 | all | libarchive-zip-perl | < 1.14-1 | libarchive-zip-perl_1.14-1_all.deb |
Debian | 999 | all | libarchive-zip-perl | < 1.14-1 | libarchive-zip-perl_1.14-1_all.deb |
Debian | 13 | all | libarchive-zip-perl | < 1.14-1 | libarchive-zip-perl_1.14-1_all.deb |