CyberSecurityBoard
Sponsor Register Login

CVE-2005-3211

Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

Publication date: Fri, 14 Oct 2005 15:02:00 +0000


Cyber News related to CVE-2005-3211

CVE-2005-3211 - Multiple interpretation error in unspecified versions of BitDefender Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be ...
8 years ago
CVE-2016-0200 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2016-0199 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2016-3211 - Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different ...
6 years ago
CVE-2009-4987 - admin/header.php in Scripteen Free Image Hosting Script 2.3 allows remote attackers to bypass authentication and gain administrative access by setting the cookgid cookie value to 1, a different vector than CVE-2008-3211. ...
1 year ago
CVE-2011-3211 - The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client. ...
13 years ago
CVE-2013-3211 - Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue." ...
11 years ago
CVE-2012-3211 - Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability via unknown vectors related to Kernel/System Call. ...
11 years ago
CVE-2007-3211 - Cross-site scripting (XSS) vulnerability in 404.php in Domain Technologie Control (DTC) before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI). NOTE: the provenance of this information is unknown; ...
7 years ago
CVE-2009-3211 - Directory traversal vulnerability in VivaPrograms Infinity Script 2.x.x, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the options[style_dir] parameter to the default URI. ...
7 years ago
CVE-2010-3211 - Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter ...
7 years ago
CVE-2015-3211 - php-fpm allows local users to write to or create arbitrary files via a symlink attack. ...
7 years ago
CVE-2008-3211 - Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1. ...
1 year ago
CVE-2006-3211 - Cross-site scripting (XSS) vulnerability in sign.php in cjGuestbook 1.3 and earlier allows remote attackers to inject Javascript code via a javascript URI in an img bbcode tag in the comments parameter. ...
10 months ago
CVE-2014-3211 - Publify before 8.0.1 is vulnerable to a Denial of Service attack ...
4 years ago
CVE-2017-3211 - Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks the first name, last initial, city, and recent purchase data of customers, all without user authorization. ...
4 years ago
CVE-2020-3211 - A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper ...
4 years ago
CVE-2018-3211 - Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serviceability). Supported versions that are affected are Java SE: 8u182 and 11; Java SE Embedded: 8u181. Easily exploitable vulnerability allows low privileged ...
2 years ago
CVE-2022-3211 - Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.6. ...
2 years ago
CVE-2023-3211 - The WordPress Database Administrator WordPress plugin through 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection. ...
11 months ago Tenable.com
CVE-2024-3211 - The Shopping Cart & eCommerce Store plugin for WordPress is vulnerable to SQL Injection via the 'productid' attribute of the ec_addtocart shortcode in all versions up to, and including, 5.6.3 due to insufficient escaping on the user supplied ...
8 months ago Tenable.com
CVE-2023-52737 - In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only locks a file range in the inode's io tree. This ...
7 months ago Tenable.com
CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago
CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago
CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
1 year ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)