CVE-2005-3399

Name of the Vulnerable Software and Affected Versions CAT-QuickHeal version 8.0

Description The issue allows remote attackers to bypass virus scanning by utilizing a file with an "MZ" magic byte sequence, typically associated with EXE files, but in this case, the file can be of type BAT, HTML, or EML. This causes the file to be treated as a safe type, even though it could still be executed as a dangerous file type by applications on the end system. An example of exploitation is a "triple headed" program containing EXE, EML, and HTML content.

Recommendations For CAT-QuickHeal version 8.0, consider updating to a newer version that addresses this issue, as the current version allows malicious files to bypass virus scanning due to the misinterpretation of the "MZ" magic byte sequence. At the moment, there is no information about a newer version that contains a fix for this vulnerability.