Multiple Vendor Antivirus Products Malformed ZIP Archive Scan Evasion Vulnerability

Bugtraq ID: 12793
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Mar 14 2005 12:00AM
Updated: Feb 20 2007 08:36PM
Credit: Discovery is credited to Dr. Peter Bieringer. Thierry Zoller reported that this vulnerability affects AVG.
Vulnerable: Trend Micro Interscan Viruswall (Linux) 3.1
Symantec AntiVirus Corporate Edition 8.0
Sophos Sweep for Linux 3.91
Norman Virus Control 5.7
Ikarus Ikarus 2.32
Hacksoft TheHacker 5.8
Frisk Software F-Prot Antivirus for Windows
Frisk Software F-Prot Antivirus for Solaris
Frisk Software F-Prot Antivirus for Linux
Frisk Software F-Prot Antivirus for Exchange
Frisk Software F-Prot Antivirus for BSD
Clam Anti-Virus ClamAV 0.85.1
Clam Anti-Virus ClamAV 0.85
Clam Anti-Virus ClamAV 0.84 rc2
Clam Anti-Virus ClamAV 0.84 rc1
Clam Anti-Virus ClamAV 0.84
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
Clam Anti-Virus ClamAV 0.83
Clam Anti-Virus ClamAV 0.82
Clam Anti-Virus ClamAV 0.81
+ Gentoo Linux
Clam Anti-Virus ClamAV 0.80 rc4
Clam Anti-Virus ClamAV 0.80 rc3
Clam Anti-Virus ClamAV 0.80 rc2
Clam Anti-Virus ClamAV 0.80 rc1
Clam Anti-Virus ClamAV 0.80
Clam Anti-Virus ClamAV 0.70
Clam Anti-Virus ClamAV 0.68 -1
Clam Anti-Virus ClamAV 0.68
Clam Anti-Virus ClamAV 0.67
+ Gentoo Linux 1.4 _rc3
+ Gentoo Linux 1.4 _rc2
+ Gentoo Linux 1.4 _rc1
+ Gentoo Linux 1.4
Clam Anti-Virus ClamAV 0.65
Clam Anti-Virus ClamAV 0.60
Clam Anti-Virus ClamAV 0.54
Clam Anti-Virus ClamAV 0.53
Clam Anti-Virus ClamAV 0.52
Clam Anti-Virus ClamAV 0.51
AVG AVG Anti-Virus 7.1.308
AVG AVG Anti-Virus 7.0.251
AVG AVG Anti-Virus 7.0
AVG AVG Anti-Virus 6.0.710
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus