Remote Execution Flaw in Sophos Antivirus for Malicious Archive Files
CVE-2005-3216

Currently unrated

Key Information:

Vendor
Sophos
Vendor
CVE Published:
14 October 2005

Summary

A vulnerability in unspecified versions of Sophos Antivirus allows remote attackers to exploit a flaw concerning the handling of malformed RAR files. This interpretation error can permit the execution of malicious executables, circumventing virus detection mechanisms. Notably, this flaw occurs through specially crafted RAR files featuring malformed central and local headers, which can be opened by other software like WinRAR and PowerZip, while being flagged as corrupted by WinZip and BitZipper.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.