The ZIP inspection engine in Cisco AsyncOS 8.5 and earlier on the Cisco Email Security Appliance (ESA) does not properly analyze ZIP archives, which allows remote attackers to bypass malware filtering via a crafted archive, aka Bug ID CSCup07934.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2014-10-19T01:00:00

Updated: 2024-08-06T10:43:05.480Z

Reserved: 2014-05-07T00:00:00

Link: CVE-2014-3381

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-10-19T01:55:13.607

Modified: 2024-11-21T02:07:58.787

Link: CVE-2014-3381

cve-icon Redhat

No data.