Vulnerability CVE-2005-3217


Published: 2005-10-14   Modified: 2012-02-12

Description:
Multiple interpretation error in unspecified versions of Symantec Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

CVSS2 => (AV:N/AC:H/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.1/10
6.4/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Symantec -> Antivirus scan engine 

 References:
http://shadock.net/secubox/AVCraftedArchive.html
http://marc.theaimsgroup.com/?l=bugtraq&m=112879611919750&w=2

Copyright 2022, cxsecurity.com

 

Back to Top