CVE-2012-1446

Description

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Affected (14)

Products: Aladdin: Esafe · Antiy: Avl Sdk · Ca: Etrust Vet Antivirus · +10 more

Show all products

1 product

1 product

1 product

1 product

1 product

1 product

2 products

1 product

Norman Antivirus & Antispyware

1 product

1 product

1 product

1 product

1 product

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Aladdin Esafe	Version 7.0.17.0
Antiy Avl Sdk	Version 2.0.3.7
Ca Etrust Vet Antivirus	Version 36.1.8511
Cat Quick Heal	Version 11.00
Fortinet Fortinet Antivirus	Version 4.2.254.0
Kaspersky Kaspersky Anti Virus	Version 7.0.0.125
Mcafee Gateway	Version 2010.1c
Mcafee Scan Engine	Version 5.400.0.1158
Norman Norman Antivirus & Antispyware	Version 6.06.12
Pandasecurity Panda Antivirus	Version 10.0.2.7
Pc Tools Pc Tools Antivirus	Version 7.0.3.5
Rising Global Rising Antivirus	Version 22.83.00.03
Sophos Sophos Anti Virus	Version 4.61.0
Symantec Endpoint Protection	Version 11.0