Remote Code Execution via Malicious RAR File in eTrust-Iris and eTrust-Vet Antivirus

Remote Code Execution via Malicious RAR File in eTrust-Iris and eTrust-Vet Antivirus

CVE-2005-3225 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

Multiple interpretation error in unspecified versions of (1) eTrust-Iris and (2) eTrust-Vet Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

Learn more about our Web Application Penetration Testing UK.