CVE-2005-3378

CVE-2005-3378 affects Norman 5.81 with the 5.83.02 engine. A interpretation error in handling files containing an MZ (EXE) magic byte sequence causes such files (e.g., BAT, HTML, EML) to be treated as safe types, enabling a “magic byte bug” where content can still execute as dangerous code. The v...

CVE-2005-3381

The CVE-2005-3381 entry concerns Ukrainian National Antivirus (UNA) 1.83.2.16 on kernel 265, where a multiple interpretation error in the file-type handling allows bypass of virus scanning. An attacker can supply a file (BAT, HTML, or EML) containing an MZ executable-like magic byte sequence that...

CVE-2005-3380

CVE-2005-3380 affects Panda Titanium 2005 4.02.01. A multiple interpretation error lets a file such as BAT, HTML, or EML containing an MZ magic byte sequence (normally associated with EXE) be treated as a safe type, yet could still be executed as a dangerous file type by end-system applications. ...

CVE-2005-3379

CVE-2005-3379 describes a multiple interpretation error in Trend Micro products: PC-Cillin 2005 (version 12.0.1244 with engine 7.510.1002) and OfficeScan 7.0 (engine 7.510.1002). The bug arises from how the scanner handles files with an "MZ" magic byte sequence (normally associated with EXE). Suc...

CVE-2005-3371

The CVE-2005-3371 entry describes a vulnerability in AVG 7.0.323 labeled the “magic byte bug.” A multiple interpretation error occurs when scanning files like BAT, HTML, and EML that start with an MZ (EXE) signature, causing such files to be treated as safe type yet still executable by end-system...

CVE-2005-3382

The CVE-2005-3382 entry describes a flaw in Sophos 3.91 with the 2.28.4 engine where an interpretation error allows a file (e.g., BAT, HTML, EML) containing an MZ magic byte sequence to be treated as a safe type, enabling bypass of virus scanning. This is a “magic byte bug” vulnerability that cou...

CVE-2005-3372

The CVE-2005-3372 entry concerns eTrust CA 7.0.1.4 (11.9.1 engine). The vulnerability arises from a magic byte bug: files with an unsuspecting extension (e.g., BAT, HTML, EML) containing an MZ EXE-like signature are treated as safe types but can still execute as dangerous content. This bypasses v...

CVE-2005-3370

The CVE-2005-3370 entry concerns ArcaVir 2005 package (vulnerable as of 2005-06-21). It describes a body of code that mishandles file type interpretation when encountering a file containing an MZ magic byte sequence in content such as BAT, HTML, or EML, causing the file to be treated as a safe ty...

CVE-2005-3373

The CVE-2005-3373 entry describes a vulnerability in Dr.Web 4.32b where an interpretation error in the virus scanner allows a crafted file (e.g., BAT, HTML, or EML) containing an MZ magic byte sequence (normally for EXE) to be treated as a safe type, yet still be executable as a dangerous file by...

CVE-2005-3377

Multiple interpretation error in 1 McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and 2 McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is...

CVE-2005-3370

Multiple interpretation error in ArcaVir 2005 package 2005-06-21 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be...

CVE-2005-3371

Multiple interpretation error in AVG 7 7.0.323 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...

CVE-2005-3372

Multiple interpretation error in eTrust CA 7.0.1.4 with the 11.9.1 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could...

CVE-2005-3375

Multiple interpretation error in Ikarus demo version allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...

CVE-2005-3381

Multiple interpretation error in Ukrainian National Antivirus UNA 1.83.2.16 with kernel 265 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe...

CVE-2005-3376

Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a...

CVE-2005-3374

Multiple interpretation error in F-Prot 3.16c allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangero...

CVE-2005-3373

Multiple interpretation error in Dr.Web 4.32b allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangero...

CVE-2005-3380

Multiple interpretation error in Panda Titanium 2005 4.02.01 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be execut...

[SA17218] PHP-Nuke NukeFixes Addon "file" Local File Inclusion Vulnerability

TITLE: PHP-Nuke NukeFixes Addon "file" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA17218 VERIFY ADVISORY: http://secunia.com/advisories/17218/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From remote SOFTWARE: NukeFixes 3.x addon for PHP-Nuke...