CVE-2005-3377

Summary

CVE	CVE-2005-3377
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2005-10-30 14:34:00 UTC
Updated	2016-10-18 03:34:00 UTC
Description	Multiple interpretation error in (1) McAfee Internet Security Suite 7.1.5 version 9.1.08 with the 4.4.00 engine and (2) McAfee Corporate 8.0.0 patch 10 with the 4400 engine allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."

Risk And Classification

Problem Types: NVD-CWE-Other

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Mcafee	Internet Security Suite	7.1.5_version_9.1.08_engine_4.4.00	All	All	All
Application	Mcafee	Internet Security Suite	8.0.0_patch_10_engine_4400	All	All	All
Application	Mcafee	Internet Security Suite	7.1.5_version_9.1.08_engine_4.4.00	All	All	All
Application	Mcafee	Internet Security Suite	8.0.0_patch_10_engine_4400	All	All	All

References

Reference	Source	Link	Tags
'Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability through' - MARC	BUGTRAQ	marc.info
404 Not Found \| AppleElf	MISC	www.securityelf.org	Vendor Advisory
Update for magic byte bug	MISC	www.securityelf.org
Multiple Vendor Anti-Virus Magic Byte Detection Evasion Vulnerability	BID	www.securityfocus.com
404 Not Found \| AppleElf	MISC	www.securityelf.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.