Lucene search

[email protected]CVE-2005-3499

HistoryNov 04, 2005 - 12:02 a.m.

CVE-2005-3499

2005-11-0400:02:00

[email protected]

web.nvd.nist.gov

frisk

f-prot

antivirus

bypass

zip

version header

remote attackers

nvd

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.9%

JSON

Frisk F-Prot Antivirus allows remote attackers to bypass protection via a ZIP file with a version header greater than 15, which prevents F-Prot from decompressing and analyzing the file.

Affected configurations

NVD

Node

frisk_softwaref-prot_antivirusbsd

frisk_softwaref-prot_antivirusexchange

frisk_softwaref-prot_antiviruslinux

frisk_softwaref-prot_antivirussolaris

frisk_softwaref-prot_antiviruswin

frisk_softwaref-prot_antivirusMatch3.12blinux

frisk_softwaref-prot_antivirusMatch3.12dbsd

frisk_softwaref-prot_antivirusMatch3.12dlinux

frisk_softwaref-prot_antivirusMatch3.16c

frisk_softwaref-prot_antivirusMatch4.4.2bsd

frisk_softwaref-prot_antivirusMatch4.4.2linux

CPENameOperatorVersion
frisk_software:f-prot_antivirusfrisk software f-prot antiviruseq*
frisk_software:f-prot_antivirusfrisk software f-prot antiviruseq3.12b
frisk_software:f-prot_antivirusfrisk software f-prot antiviruseq3.12d
frisk_software:f-prot_antivirusfrisk software f-prot antiviruseq3.16c
frisk_software:f-prot_antivirusfrisk software f-prot antiviruseq4.4.2

CPE	Name	Operator	Version
frisk_software:f-prot_antivirus	frisk software f-prot antivirus	eq	*
frisk_software:f-prot_antivirus	frisk software f-prot antivirus	eq	3.12b
frisk_software:f-prot_antivirus	frisk software f-prot antivirus	eq	3.12d
frisk_software:f-prot_antivirus	frisk software f-prot antivirus	eq	3.16c
frisk_software:f-prot_antivirus	frisk software f-prot antivirus	eq	4.4.2

References

archives.neohapsis.com/archives/fulldisclosure/2005-11/0073.html

securitytracker.com/id?1015148

thierry.sniff-em.com/research/fprot.html

www.osvdb.org/20865

www.securityfocus.com/archive/1/415637/30/0/threaded

www.securityfocus.com/archive/1/502370/100/0/threaded

www.securityfocus.com/bid/15293

www.zoller.lu/research/fprot.htm

exchange.xforce.ibmcloud.com/vulnerabilities/22967

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.9%

JSON

Related for CVE-2005-3499

nvd1 cvelist1