Lucene search

[email protected]NVD:CVE-2005-3220

HistoryOct 14, 2005 - 10:02 a.m.

CVE-2005-3220

2005-10-1410:02:00

[email protected]

web.nvd.nist.gov

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.005

Percentile

76.6%

JSON

Multiple interpretation error in unspecified versions of Norman Virus Control Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

Affected configurations

Nvd

Node

normanvirus_control_antivirus

VendorProductVersionCPE
normanvirus_control_antivirus*cpe:2.3:a:norman:virus_control_antivirus:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
norman	virus_control_antivirus	*	cpe:2.3:a:norman:virus_control_antivirus::::::::

References

marc.info/?l=bugtraq&m=112879611919750&w=2

shadock.net/secubox/AVCraftedArchive.html

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.005

Percentile

76.6%

JSON

Related for NVD:CVE-2005-3220

cve1 cvelist1