Remote Execution Flaw in Sophos Antivirus for Malicious Archive Files
CVE-2005-3216

Currently unrated

Key Information:

Vendor: Sophos
Status: Sophos Anti-virus
Vendor: CVE Published:; 14 October 2005

Summary

A vulnerability in unspecified versions of Sophos Antivirus allows remote attackers to exploit a flaw concerning the handling of malformed RAR files. This interpretation error can permit the execution of malicious executables, circumventing virus detection mechanisms. Notably, this flaw occurs through specially crafted RAR files featuring malformed central and local headers, which can be opened by other software like WinRAR and PowerZip, while being flagged as corrupted by WinZip and BitZipper.

References

http://shadock.net/secubox/AVCraftedArchive.html

x_refsource_MISC

http://marc.info/?l=bugtraq&m=112879611919750&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Oct 14, 2005
Vulnerability Reserved
Oct 14, 2005