Remote Execution Flaw in Sophos Antivirus for Malicious Archive Files
CVE-2005-3216
Currently unrated
Summary
A vulnerability in unspecified versions of Sophos Antivirus allows remote attackers to exploit a flaw concerning the handling of malformed RAR files. This interpretation error can permit the execution of malicious executables, circumventing virus detection mechanisms. Notably, this flaw occurs through specially crafted RAR files featuring malformed central and local headers, which can be opened by other software like WinRAR and PowerZip, while being flagged as corrupted by WinZip and BitZipper.
References
Timeline
Vulnerability published
Vulnerability Reserved