CVE-2005-2298
Severity Score
5.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards.
BitDefender Engine 1.6.1 y anteiores no escanea adecuadamente todos los adjuntos, lo que permite que atacantes remotos se salten el escaneo de virus mediante comandos de inicio y fin en el cuerpo del e-mail (lo que BitDefender trata como un adjunto uuencoded y deja de escanear).
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-07-19 CVE Reserved
- 2005-07-19 CVE Published
- 2024-06-25 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=112137542212322&w=2 | Mailing List | |
| http://securitytracker.com/id?1014495 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Softwin Search vendor "Softwin" | Bitdefender Engine Search vendor "Softwin" for product "Bitdefender Engine" | <= 1.6.1 Search vendor "Softwin" for product "Bitdefender Engine" and version " <= 1.6.1" | - |
Affected
| ||||||