CAT Quick Heal 8.0

Summaryinfo

A vulnerability was found in CAT Quick Heal 8.0. It has been rated as problematic. The affected element is an unknown function. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2005-3399. No exploit exists.

Detailsinfo

A vulnerability was found in CAT Quick Heal 8.0. It has been rated as problematic. Impacted is integrity. The summary by CVE is:

Multiple interpretation error in CAT-QuickHeal 8.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."

The weakness was disclosed 11/01/2005 as not defined posting (Bugtraq). It is possible to read the advisory at marc.theaimsgroup.com. The identification of this vulnerability is CVE-2005-3399 since 11/01/2005. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. The technical details are unknown and an exploit is not publicly available.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

The entries VDB-26749 and VDB-26748 are pretty similar. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Vendor

• CAT

Name

• Quick Heal

Version

• 8.0

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion