Vulnerabilities > CVE-2005-3221 - Security Bypass vulnerability in Fortinet Antivirus

CVSS 5.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

high complexity

fortinet

NVD

Published: 2005-10-14

Updated: 2016-10-18

Summary

Multiple interpretation error in unspecified versions of Fortinet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

Vulnerable Configurations

Part	Description	Count
Hardware	Fortinet Fortinet Fortinet Antivirus *	1

References

http://marc.info/?l=bugtraq&m=112879611919750&w=2
http://shadock.net/secubox/AVCraftedArchive.html