CVE-2005-3401

Name of the Vulnerable Software and Affected Versions TheHacker version 5.8.4.128

Description A multiple interpretation error allows remote attackers to bypass virus scanning by using files with an "MZ" magic byte sequence, normally associated with EXE files, but also present in files such as BAT, HTML, and EML. This causes the file to be treated as a safe type, even though it could still be executed as a dangerous file type by applications on the end system. An example of this issue is a "triple headed" program containing EXE, EML, and HTML content.

Recommendations For TheHacker version 5.8.4.128, consider restricting the execution of files with the "MZ" magic byte sequence that are not typically associated with EXE files, such as BAT, HTML, and EML, until a patch is available. As a temporary workaround, avoid using applications that could execute these files as dangerous types.