CVE-2005-3378

Name of the Vulnerable Software and Affected Versions Norman version 5.81 with the 5.83.02 engine

Description The issue allows remote attackers to bypass virus scanning by exploiting a multiple interpretation error. This can be achieved by using a file with an "MZ" magic byte sequence, typically associated with EXE files, in files such as BAT, HTML, and EML. As a result, the file is treated as a safe type but can still be executed as a dangerous file type by applications on the end system. An example of this exploit is a "triple headed" program containing EXE, EML, and HTML content.

Recommendations For Norman version 5.81 with the 5.83.02 engine, consider updating to a newer version that addresses this issue, as the current version allows files to be misinterpreted and potentially executed as dangerous file types. At the moment, there is no information about a newer version that contains a fix for this vulnerability.