CVE-2012-1421

Published: Mar 21, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Affected (4)

Products: Cat: Quick Heal · Norman: Norman Antivirus & Antispyware · Rising Global: Rising Antivirus · +1 more

Show all products

Cat: Quick Heal · Norman: Norman Antivirus & Antispyware · Rising Global: Rising Antivirus · Symantec: Endpoint Protection

Cat

1 product

Quick Heal

Norman

1 product

Norman Antivirus & Antispyware

1 product

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Cat Quick Heal	Version 11.00
Norman Norman Antivirus & Antispyware	Version 6.06.12
Rising Global Rising Antivirus	Version 22.83.00.03
Symantec Endpoint Protection	Version 11.0

Related CWEs

CWE-264

References (6)

http://osvdb.org/80409

Source: cve@mitre.org

http://www.ieee-security.org/TC/SP2012/program.html

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/522005

Source: cve@mitre.org

http://osvdb.org/80409

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ieee-security.org/TC/SP2012/program.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/522005

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.