CVE-2020-9320
N/A
N/A
Summary
Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affects versions before 8.3.54.138 of Antivirus for Endpoint, Antivirus for Small Business, Exchange Security (Gateway), Internet Security Suite for Windows, Prime, Free Security Suite for Windows, and Cross Platform Anti-malware SDK. NOTE: Vendor asserts that vulnerability does not exist in product
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html
- https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf
- http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html
- http://seclists.org/fulldisclosure/2020/Feb/31
References
- https://blog.zoller.lu/p/from-low-hanging-fruit-department-avira.html
- https://www.zoller.lu/%5BTZO-01-2020%5D%20AVIRA%20Generic%20Bypass%20ISO.pdf
- http://packetstormsecurity.com/files/156472/AVIRA-Generic-Malformed-Container-Bypass.html
- http://seclists.org/fulldisclosure/2020/Feb/31
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.