CVE-2005-3216

Sophos Anti-Virus - Virus Detection Bypass via Malformed RAR Headers

Title source: llm
STIX 2.1

Description

Multiple interpretation error in unspecified versions of Sophos Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

References (2)

Core 2
Core References
Various Sources x_refsource_misc
http://shadock.net/secubox/AVCraftedArchive.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=112879611919750&w=2

Scores

EPSS 0.0087
EPSS Percentile 75.4%

Details

Status published
Products (1)
sophos/sophos_anti-virus
Published Oct 14, 2005
Tracked Since Feb 18, 2026