Sign-up

ID

VAR-200510-0204


CVE

CVE-2005-3221


TITLE

Fortinet Antivirus Malicious RAR File bypass virus detection vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200510-107

DESCRIPTION

Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. Fortinet Antivirus is prone to a security bypass vulnerability. Fortinet Antivirus is an antivirus software designed by Fortinet Company using signature database and heuristic scanning engine. Fortinet Antivirus unidentified version has multiple interpretation errors. The specially crafted RAR file contains malformed central and partial headers. Although it is considered damaged by Winzip and BitZipper and rejected, it can still be opened by products such as Winrar and PowerZip

Trust: 1.26

sources: NVD: CVE-2005-3221 // BID: 89281 // VULHUB: VHN-14430

AFFECTED PRODUCTS

vendor:fortinetmodel:antivirusscope:eqversion:*

Trust: 1.0

vendor:fortinetmodel:antivirusscope: - version: -

Trust: 0.6

vendor:fortinetmodel:antivirusscope:eqversion:0

Trust: 0.3

sources: BID: 89281 // CNNVD: CNNVD-200510-107 // NVD: CVE-2005-3221

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-3221
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-200510-107
value: MEDIUM

Trust: 0.6

VULHUB: VHN-14430
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2005-3221
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-14430
severity: MEDIUM
baseScore: 5.1
vectorString: AV:N/AC:H/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 4.9
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-14430 // CNNVD: CNNVD-200510-107 // NVD: CVE-2005-3221

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3221

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200510-107

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200510-107

EXTERNAL IDS

db:NVDid:CVE-2005-3221

Trust: 2.0

db:CNNVDid:CNNVD-200510-107

Trust: 0.7

db:BUGTRAQid:20051007 ANTIVIRUS DETECTION BYPASS BY SPECIAL CRAFTED ARCHIVE.

Trust: 0.6

db:BIDid:89281

Trust: 0.4

db:VULHUBid:VHN-14430

Trust: 0.1

sources: VULHUB: VHN-14430 // BID: 89281 // CNNVD: CNNVD-200510-107 // NVD: CVE-2005-3221

REFERENCES

url:http://shadock.net/secubox/avcraftedarchive.html

Trust: 2.0

url:http://marc.info/?l=bugtraq&m=112879611919750&w=2

Trust: 1.0

url:http://marc.theaimsgroup.com/?l=bugtraq&m=112879611919750&w=2

Trust: 0.9

url:http://marc.info/?l=bugtraq&m=112879611919750&w=2

Trust: 0.1

sources: VULHUB: VHN-14430 // BID: 89281 // CNNVD: CNNVD-200510-107 // NVD: CVE-2005-3221

CREDITS

Unknown

Trust: 0.3

sources: BID: 89281

SOURCES

db:VULHUBid:VHN-14430
db:BIDid:89281
db:CNNVDid:CNNVD-200510-107
db:NVDid:CVE-2005-3221

LAST UPDATE DATE

2024-08-14T13:40:02.922000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-14430date:2016-10-18T00:00:00
db:BIDid:89281date:2005-10-14T00:00:00
db:CNNVDid:CNNVD-200510-107date:2005-10-20T00:00:00
db:NVDid:CVE-2005-3221date:2016-10-18T03:33:49.883

SOURCES RELEASE DATE

db:VULHUBid:VHN-14430date:2005-10-14T00:00:00
db:BIDid:89281date:2005-10-14T00:00:00
db:CNNVDid:CNNVD-200510-107date:2005-10-14T00:00:00
db:NVDid:CVE-2005-3221date:2005-10-14T10:02:00