Hi,

see
http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities
http://www.heise.de/security/news/meldung/52286 (German)
Heise
→ the last 2 links are for the manipulated ZIPs

File: eicar_g0.zip
Avast: No viruses found

malware in ZIPs with manipulated LOCAL header are detected, though:

File: eicar_l0.zip
Avast:
EICAR Test-NOT!!

EDIT: ok, months-old news → I linked this in the existing topic:
http://forum.avast.com/index.php?board=2;action=display;threadid=7964