{"id": "CVE-2005-3379", "bulletinFamily": "NVD", "title": "CVE-2005-3379", "description": "Multiple interpretation error in Trend Micro (1) PC-Cillin 2005 12.0.1244 with the 7.510.1002 engine and (2) OfficeScan 7.0 with the 7.510.1002 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an \"MZ\" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a \"triple headed\" program that contains EXE, EML, and HTML content, aka the \"magic byte bug.\"", "published": "2005-10-30T14:34:00", "modified": "2018-10-19T15:36:00", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-3379", "reporter": "cve@mitre.org", "references": ["http://www.securityelf.org/updmagic.html", "http://www.securityelf.org/magicbyte.html", "http://marc.info/?l=bugtraq&m=113026417802703&w=2", "http://www.securityfocus.com/archive/1/415173", "http://www.securityfocus.com/bid/15189", "http://www.securityelf.org/magicbyteadv.html"], "cvelist": ["CVE-2005-3379"], "type": "cve", "lastseen": "2019-05-29T18:08:15", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "070abc55f48961ae1445b12a8ac902f5"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "c40d560b80ec786223a3187d42414ec3"}, {"key": "cpe23", "hash": "78a30a86720052b8aa9157f73d4b333a"}, {"key": "cvelist", "hash": "a4042cd9c46bd1d20f5b28af5d8e7472"}, {"key": "cvss", "hash": "1e7c2c7ebabdae1d396543cea1053bd4"}, {"key": "cvss2", "hash": "6f10d280da8e1b22850a769f038457a0"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "78a7a5cbaf09985c14389298e454e7db"}, {"key": "description", "hash": "9597fe509b7f7d52b39ab4a03c80d9ee"}, {"key": "href", "hash": "597c2ae7fa2500b5e43eaec0141af5d2"}, {"key": "modified", "hash": "819698bdd108a46fab2c80beae08bebb"}, {"key": "published", "hash": "d3b7dc75e9aba231aa44b5f1d1c716ec"}, {"key": "references", "hash": "c1a8d8a6e340abf812be7fdadab7f41d"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "e1b60c3fc92c93f04691c445b3370323"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "27b8e1c1a96a3418b5d7605748bf20b99b8e93375f606eb9301ff8873f3f8909", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:20932"]}], "modified": "2019-05-29T18:08:15", "rev": 2}, "score": {"value": 3.6, "vector": "NONE", "modified": "2019-05-29T18:08:15", "rev": 2}, "vulnersScore": 3.6}, "objectVersion": "1.3", "cpe": ["cpe:/a:trend_micro:officescan:7.0_engine_7.510.1002", "cpe:/a:trend_micro:pc-cillin_2005:12.0.1244_engine_7.510.1002"], "affectedSoftware": [{"name": "trend_micro pc-cillin_2005", "operator": "eq", "version": "12.0.1244_engine_7.510.1002"}, {"name": "trend_micro officescan", "operator": "eq", "version": "7.0_engine_7.510.1002"}], "cvss2": {"cvssV2": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "cpe23": ["cpe:2.3:a:trend_micro:pc-cillin_2005:12.0.1244_engine_7.510.1002:*:*:*:*:*:*:*", "cpe:2.3:a:trend_micro:officescan:7.0_engine_7.510.1002:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:17", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nOther Advisory URL: http://www.securityelf.org/magicbyte.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0539.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0077.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-10/0313.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0556.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0609.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0504.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0529.html\nGeneric Informational URL: http://news.com.com/Evasion+bug+bites+virus+shields/2100-1002_3-5924738.html\n[CVE-2005-3371](https://vulners.com/cve/CVE-2005-3371)\n[CVE-2005-3379](https://vulners.com/cve/CVE-2005-3379)\n[CVE-2005-3381](https://vulners.com/cve/CVE-2005-3381)\n[CVE-2005-3400](https://vulners.com/cve/CVE-2005-3400)\n[CVE-2005-3372](https://vulners.com/cve/CVE-2005-3372)\n[CVE-2005-3375](https://vulners.com/cve/CVE-2005-3375)\n[CVE-2005-3377](https://vulners.com/cve/CVE-2005-3377)\n[CVE-2005-3399](https://vulners.com/cve/CVE-2005-3399)\n[CVE-2005-3401](https://vulners.com/cve/CVE-2005-3401)\n[CVE-2005-3370](https://vulners.com/cve/CVE-2005-3370)\n[CVE-2005-3374](https://vulners.com/cve/CVE-2005-3374)\n[CVE-2005-3376](https://vulners.com/cve/CVE-2005-3376)\n[CVE-2005-3378](https://vulners.com/cve/CVE-2005-3378)\n[CVE-2005-3373](https://vulners.com/cve/CVE-2005-3373)\n[CVE-2005-3380](https://vulners.com/cve/CVE-2005-3380)\n[CVE-2005-3382](https://vulners.com/cve/CVE-2005-3382)\nBugtraq ID: 15189\n", "modified": "2005-10-24T13:04:06", "published": "2005-10-24T13:04:06", "href": "https://vulners.com/osvdb/OSVDB:20932", "id": "OSVDB:20932", "title": "Multiple Anti-Virus Crafted Filetype Header Scan Bypass (magic byte)", "type": "osvdb", "cvss": {"score": 5.1, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}