VULHUB ™

Multiple antivirus products from various vendors are reported prone to a vulnerability that may allow potentially malformed ZIP archives to bypass detection. This issue arises when an affected application processes a ZIP archive containing potentially malicious files with specially crafted filenames. This issue could allow a malicious ZIP archive to bypass detection and to be executed by a recipient. This vulnerability reportedly affects Trend Micro InterScan VirusWall for Linux version 3.1. AVG Anti-Virus is reported affected as well. Sophos Sweep is being removed as a vulnerable package since the vendor has reported that the correct procedure for scanning archives is to use the '-all' switch instead of '-archive'. The application is not affected if '-all' switch is used to scan a malicious archive. This BID will be updated when more information becomes available.

Multiple antivirus products from various vendors are reported prone to a vulnerability that may allow potentially malformed ZIP archives to bypass detection. This issue arises when an affected application processes a ZIP archive containing potentially malicious files with specially crafted filenames. This issue could allow a malicious ZIP archive to bypass detection and to be executed by a recipient. This vulnerability reportedly affects Trend Micro InterScan VirusWall for Linux version 3.1. AVG Anti-Virus is reported affected as well. Sophos Sweep is being removed as a vulnerable package since the vendor has reported that the correct procedure for scanning archives is to use the '-all' switch instead of '-archive'. The application is not affected if '-all' switch is used to scan a malicious archive. This BID will be updated when more information becomes available.