CVE Vulnerabilities

CVE-2012-1420

Published: Mar 21, 2012 | Modified: Aug 14, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial 7fELF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Affected Software

Name Vendor Start Version End Version
Command_antivirus Authentium 5.2.11.5 (including) 5.2.11.5 (including)
Quick_heal Cat 11.00 (including) 11.00 (including)
Nod32_antivirus Eset 5795 (including) 5795 (including)
F-prot_antivirus F-prot 4.6.2.117 (including) 4.6.2.117 (including)
Fortinet_antivirus Fortinet 4.2.254.0 (including) 4.2.254.0 (including)
Antivirus K7computing 9.77.3565 (including) 9.77.3565 (including)
Kaspersky_anti-virus Kaspersky 7.0.0.125 (including) 7.0.0.125 (including)
Security_essentials Microsoft 2.0 (including) 2.0 (including)
Norman_antivirus_&_antispyware Norman 6.06.12 (including) 6.06.12 (including)
Panda_antivirus Pandasecurity 10.0.2.7 (including) 10.0.2.7 (including)
Rising_antivirus Rising-global 22.83.00.03 (including) 22.83.00.03 (including)

References