Lucene search

[email protected]NVD:CVE-2005-3235

HistoryOct 14, 2005 - 10:02 a.m.

CVE-2005-3235

2005-10-1410:02:00

[email protected]

web.nvd.nist.gov

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.7%

JSON

Multiple interpretation error in unspecified versions of Proland Protector Plus 2000 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

Affected configurations

Nvd

Node

prolandprotector_plusMatch2000

VendorProductVersionCPE
prolandprotector_plus2000cpe:2.3:a:proland:protector_plus:2000:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
proland	protector_plus	2000	cpe:2.3:a:proland:protector_plus:2000:::::::*

References

marc.info/?l=bugtraq&m=112879611919750&w=2

shadock.net/secubox/AVCraftedArchive.html

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.7%

JSON

Related for NVD:CVE-2005-3235

cve1 cvelist1