The Panda parsing engine can be bypassed by a specially crafted CAB archive.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/77762/TZO-24-2009.txt
Source: https://packetstormsecurity.com/files/77762/Panda-Generic-Evasion.html