← Back

CVE-2012-1460

nvd nist
Published: Mar 21, 2012Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with stray bytes at the end. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.

Affected (8)

Products: Aladdin: Esafe · Anti Virus: Vba32 · Antiy: Avl Sdk · +5 more
Show all products
Aladdin: Esafe · Anti Virus: Vba32 · Antiy: Avl Sdk · Authentium: Command Antivirus · Cat: Quick Heal · F Prot: F Prot Antivirus · Jiangmin: Jiangmin Antivirus · K7computing: Antivirus
Aladdin
1 product
Esafe
Anti Virus
1 product
Vba32
Antiy
1 product
Avl Sdk
Authentium
1 product
Command Antivirus
Cat
1 product
Quick Heal
F Prot
1 product
F Prot Antivirus
Jiangmin
1 product
Jiangmin Antivirus
K7computing
1 product
Antivirus
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Esafe
Version 7.0.17.0
Vba32
Version 3.12.14.2
Avl Sdk
Version 2.0.3.7
Command Antivirus
Version 5.2.11.5
Quick Heal
Version 11.00
F Prot Antivirus
Version 4.6.2.117
Jiangmin Antivirus
Version 13.0.900
Antivirus
Version 9.77.3565

Related CWEs

CWE-264
CWE-264

References (8)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.