Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3499

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3499
Last Modified 08 Apr 2009 12:37:23
Published 03 Nov 2005 07:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3499

Summary

Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file.

Vulnerable Systems

Application

  • Frisk Software F-prot Antivirus

  • Frisk Software F-prot Antivirus 3.12b

  • Frisk Software F-prot Antivirus 3.12d

  • Frisk Software F-prot Antivirus 3.16c

  • Frisk Software F-prot Antivirus 4.4.2


References

XF - fprotantivirus-zip-bypass-protection(22967)

MISC - http://www.zoller.lu/research/fprot.htm

BID - 15293

BUGTRAQ - 20090402 [TZO-07-2009] F-PROT ZIP Method evasion

BUGTRAQ - 20051103 [ TZO-012005 ] F-Prot/Frisk Anti Virus bypass - ZIP Version Header

OSVDB - 20865

MISC - http://thierry.sniff-em.com/research/fprot.html

SECTRACK - 1015148

FULLDISC - 20051102 [ TZO-012005 ] F-Prot/Frisk Anti Virus bypass - ZIP Version Header


Last Updated: 27 May 2016 10:40:56