FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

p5-Archive-Zip -- virus detection evasion

Affected packages
p5-Archive-Zip < 1.14

Details

VuXML ID a5742055-300a-11d9-a9e7-0001020eed82
Discovery 2004-10-18
Entry 2004-11-08

An AMaViS Security Announcement reports that a vulnerability exist in the Archive::Zip Perl module which may lead to bypass of malicious code in anti-virus programs by creating specially crafted ZIP files.

References

URL http://rt.cpan.org/NoAuth/Bug.html?id=8077
URL http://www.amavis.org/security/asa-2004-6.txt
URL http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities