Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2298

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2298
Last Modified 05 Sep 2008 04:51:24
Published 19 Jul 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2298

Summary

BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards.

Vulnerable Systems

Application

  • Softwin Bitdefender Engine 1.6.1


References

BUGTRAQ - 20050714 05_07_14-bitdefender_malicious_content_bypass

SECTRACK - 1014495


Last Updated: 27 May 2016 10:40:28