CVE-2005-3212
https://notcve.org/view.php?id=CVE-2005-3212
Multiple interpretation error in unspecified versions of NOD32 Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper. • http://marc.info/?l=bugtraq&m=112879611919750&w=2 http://shadock.net/secubox/AVCraftedArchive.html •
CVE-2005-2903
https://notcve.org/view.php?id=CVE-2005-2903
Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename. • http://marc.info/?l=bugtraq&m=112621063025054&w=2 http://secunia.com/advisories/16604 http://secunia.com/secunia_research/2005-40/advisory http://www.securityfocus.com/bid/14773 https://exchange.xforce.ibmcloud.com/vulnerabilities/22203 •
CVE-2004-1096 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-1096
Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. El módulo Perl Archive::Zip anterior a 1.14, cuando se usa en programas antivirus como amavisd-new, permite a atacantes remotos saltarse la protección del antivirus mediante un ficheros comprimido con cabeceras globales y locales establecido a cero, lo que no impide que el fichero comprimido sea abierto en un sistema objetivo. • https://www.exploit-db.com/exploits/629 http://secunia.com/advisories/13038 http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/492545 http://www.mandriva.com/security/advisories?name=MDKSA-2004:118 http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •
CVE-2004-0933 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0933
Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •
CVE-2004-0937 – Multiple AntiVirus - '.zip' Detection Bypass
https://notcve.org/view.php?id=CVE-2004-0937
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. • https://www.exploit-db.com/exploits/629 http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true http://www.kb.cert.org/vuls/id/968818 http://www.securityfocus.com/bid/11448 https://exchange.xforce.ibmcloud.com/vulnerabilities/17761 •