Multiple Interpretation Error in Fortinet Antivirus
CVE-2005-3221

Currently unrated

Key Information:

Vendor: Fortinet
Status: Fortinet Antivirus
Vendor: CVE Published:; 14 October 2005

Summary

A vulnerability exists in unspecified versions of Fortinet Antivirus due to a multiple interpretation error that allows remote attackers to bypass virus detection. This is achieved through a specially crafted RAR file containing malformed central and local headers. As a result, malicious executables can be recognized by certain archive utilities, such as WinRAR and PowerZip, while being flagged as corrupted by others like WinZip and BitZipper. This discrepancy enables attackers to exploit the flaw for potential malicious intent.

References

http://shadock.net/secubox/AVCraftedArchive.html

x_refsource_MISC

http://marc.info/?l=bugtraq&m=112879611919750&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Oct 14, 2005
Vulnerability Reserved
Oct 14, 2005