PT-2005-4169 · Arcavir · Arcavir

Andrey Bayora

Published

2005-10-29

Updated

2016-10-18

CVE-2005-3370

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions ArcaVir 2005 package 2005-06-21

Description The issue allows remote attackers to bypass virus scanning by using a file with an "MZ" magic byte sequence, which is normally associated with EXE files, but can be used in files such as BAT, HTML, and EML. This causes the file to be treated as a safe type, even though it could still be executed as a dangerous file type by applications on the end system.

Recommendations For ArcaVir 2005 package 2005-06-21, at the moment, there is no information about a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3370

Affected Products

Arcavir

PT-2005-4169 · Arcavir · Arcavir

CVE-2005-3370

Related Identifiers

Affected Products

References · 6