The McAfee parsing engine can be bypassed by a specially crafted and formatted RAR (Headflags and Packsize) or ZIP (Filelenght) archive.
ea6b4633d140cbe430fe0b6edb6bb33bbd4a99f3c81428950542a31c2a9d70f3The Trendmicro parsing engine can be bypassed by specially crafted and formatted ZIP, RAR, and CAB archives.
abed09554259c2e3388a70a248472bb87093766b256b9972dcf7ee400e610a4bThe ESET Nod32 parsing engine can be bypassed by a specially crafted and formatted CAB archive.
1c69319e78e7b2c5cc45a466ee1778e1e75bb147ad1ae4612f28dc3cc03020ceThe Aladdin eSafe parsing engine can be bypassed by a specially crafted and formatted archive file.
bd8bc62ccc20c7336a31c7fa6429f28146402aba1afd6d44405f7bc420581150The Comodo Antivirus parsing engine can be bypassed by a specially crafted and formatted RAR archive.
18b393059b9194ffe44de9030e73d9f2b01ee62075973b7408323109bf2feb1fThe Avira Antivirus parsing engine can be bypassed by a specially crafted and formatted CAB archive.
9b038c8e5f10a03ac624831a08698ba08315d147290d5e5bb33799922ee5499fSun Java VM versions 6 update 1 and 6 update 2 are susceptible to a remote code execution vulnerability.
cc9f245448e9d2a35b3c826e7f61f75d2e36861758f1b13f2c26789140c20c84The parsing engine in Fortinet can be bypassed by a specially crafted and formated archive file. The bug results in denying the engine the possibility to inspect code within the archive. There is no inspection of the content at all.
7330e5a1ce82e9df459efa7a72231861338a5a8b8faa3988279a52bfc3e70f47The parsing engine in Nod32 can be bypassed by a specially crafted and formated RAR archive. The bug results in denying the engine the possibility to inspect code within the RAR archive. There is no inspection of the content at all.
d16a3930303232da6c6000c0a2a401a46a80e757ad3095cd2dae73fd1b647c35The parsing engine in AVAST can be bypassed by a specially crafted and formated RAR archive. The bug results in denying the engine the possibility to inspect code within the RAR archive. There is no inspection of the content at all.
71d1ca5d2a352a58e67248f0d06a4195472337d5f22e84e988c377d1a10de562The parsing engine in Bitdefender can be bypassed by a specially crafted and formatted CAB archive. The bug results in denying the engine the possibility to inspect code within the CAB archive. There is no inspection of the content at all.The parsing engine in Bitdefender can be bypassed by a specially crafted and formatted CAB archive. The bug results in denying the engine the possibility to inspect code within the CAB archive. There is no inspection of the content at all.
ddecd2cf5fc9845db8845c9acc356945dc8128e6106ec9e79fbafd2c19b5fdd0The parsing engine in F-PROT can be bypassed by manipulating the ZIP method field. It is as easy as opening a ZIP file in an editor and typing a number greater than 15 on your keyboard. This is a four year old vulnerability that they still have not patched.
32f11246969d4155068655689ca4f9c6ab515a0c2d759dc6e70b8a523521f060The parsing engine in IBM ISS Proventia can be bypassed by manipulating RAR archives in a certain way that the IBM engine cannot extract the content but the end user is able to.
886d00514b2f82efe2ac88764af3dbf921d459eedb7677dd4ebbc80781b7f291The parsing engine in Clam AntiVirus versions below 0.95 can be bypassed by manipulating RAR archives in a certain way that ClamAV cannot extract the content but the end user is able to.
1ad9a4ac9d3a2014ada24abfdc78454052f88645c0a7e7f90b20fe8a14b687f4Avira Antivirus suffers from a privilege escalation vulnerability that achieves SYSTEM access.
5d9c944c45aa3bc86141cdbb88a4b1912da345c75110c1c830b3814ad67079caAvira Antivirus suffers from division by zero / null pointer dereferencing vulnerabilities when handling a malformed RAR archive.
3e074bda1d6c4131f956074250da30e305fd5f819946441e5497bdd2e6b9a43eA remote code execution vulnerability exists in Internet Explorer due to accesses to uninitialized memory in certain cases of DTML constructs. As a result, memory may be corrupted in such a way that an attacker could execute arbitrary code in the context of the logged-on user.
63f11a575a512f09a4c59bdac83e1c1fd7a29a172f4f6cffa5c7ba94519fb9fdJscape Secure FTP Applet does not perform SSH host key verification allowing man in the middle attacks.
faae475df15c9545776b1f8e33f497ed17c8c899a7b8c58535a164d5dafe252dThe Iframe-Cash/Iframe-Dollars Adware company does not only rootkit your machine, it also keystroke logs your banking details. Lovely.
b1813e4a381860177beb2d4841d451719bde3e5627d9a8789ebccc36b67d6ec0Presentation given at 23C3 called Bluetooth Hacking Revisited.
62cb81e204ee1879c82113f8ffc4c4c8fa9b539abcf6a25d3af5d29d73336577XAMPP version 1.5.2 is susceptible to multiple privilege escalation flaws and a rogue autostart vulnerability.
7297df138d18e6eb6c7c38264ddf0a821e1cc6c91cdd646bca96f9ef24a832d5ZangoCash is susceptible to an insecure auto-update and file execution flaw.
f4814f729712c71d4dbcb9c9ef8b53cb1a76f9656a661d5952b8194aa57cc854TZO-062006-SafenSec - Insecure File execution and Auto-startup
d74e41285a6e36ab1423145edffb11a10cf1d1c911e75311f125375c6e4e6021TZO-012006 - Checkpoint VPN-1 SecureClient insecure usage of CreateProcess()
ddfa7039151f9be7a466fc3ee6130bce6ca4b3302873a8f391f1cfe7ff9151f2The F-Prot engine fails to decompress ZIP files that have a version header greater then 15. The consequence is that the F-prot Engine is unable to scan the virus/malware inside and consequently flags it as harmless. If used as an Email Gateway solution the offending Emails will slip through.
84a0def1156ec4829f01d470e51e93f26500ba11e4fc5b0989eaa0d50dedd25a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed