Vulnerabilities > CVE-2005-2298 - Security Bypass vulnerability in Bitdefender Engine

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

softwin

NVD

Published: 2005-07-19

Updated: 2016-10-18

Summary

BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards.

Vulnerable Configurations

Part	Description	Count
Application	Softwin Softwin Bitdefender Engine *	1

References

http://marc.info/?l=bugtraq&m=112137542212322&w=2
http://securitytracker.com/id?1014495