CVE-2012-1420
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD
Description
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \7fELF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
Affected (11)
Show all products
Authentium: Command Antivirus · Cat: Quick Heal · Eset: Nod32 Antivirus · F Prot: F Prot Antivirus · Fortinet: Fortinet Antivirus · K7computing: Antivirus · Kaspersky: Kaspersky Anti Virus · Microsoft: Security Essentials · Norman: Norman Antivirus & Antispyware · Pandasecurity: Panda Antivirus · Rising Global: Rising Antivirus
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 5.2.11.5 | |
| Version 11.00 | |
| Version 5795 | |
| Version 4.6.2.117 | |
| Version 4.2.254.0 | |
| Version 9.77.3565 | |
| Version 7.0.0.125 | |
| Version 2.0 | |
| Version 6.06.12 | |
| Version 10.0.2.7 | |
| Version 22.83.00.03 |
Related CWEs
References (12)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.