CVE-2005-3377
published 2005-10-30CVE-2005-3377: Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with…
PriorityP418medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EPSS
1.32%
67.2th percentile
Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mcafee | internet_security_suite | — | — |
| mcafee | internet_security_suite | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=113026417802703&w=2http://www.securityelf.org/magicbyte.htmlhttp://www.securityelf.org/magicbyteadv.htmlhttp://www.securityelf.org/updmagic.htmlhttp://www.securityfocus.com/bid/15189http://marc.info/?l=bugtraq&m=113026417802703&w=2http://www.securityelf.org/magicbyte.htmlhttp://www.securityelf.org/magicbyteadv.htmlhttp://www.securityelf.org/updmagic.htmlhttp://www.securityfocus.com/bid/15189
2005-10-30
Published