Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3217

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-3217
Last Modified 07 Mar 2011 09:26:04
Published 14 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-3217

Summary

Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

Vulnerable Systems

Application

  • Symantec Antivirus Scan Engine


References

MISC - http://shadock.net/secubox/AVCraftedArchive.html

BUGTRAQ - 20051007 Antivirus detection bypass by special crafted archive.


Last Updated: 27 May 2016 10:40:51