CVE-2005-3400

Name of the Vulnerable Software and Affected Versions Fortinet version 2.48.0.0

Description The issue allows remote attackers to bypass virus scanning by manipulating files with an "MZ" magic byte sequence, normally associated with EXE files, but also present in files like BAT, HTML, and EML. This causes the file to be treated as a safe type, even though it could still be executed as a dangerous file type by applications on the end system. An example of exploitation is a "triple headed" program containing EXE, EML, and HTML content.

Recommendations For Fortinet version 2.48.0.0, update to a version that fixes the "magic byte bug" to prevent remote attackers from bypassing virus scanning.