CVE-2012-1426 | Vulnerability Database | Aqua Security

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial 425A68 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Affected Software

Name	Vendor	Start Version	End Version
Command_antivirus	Authentium	5.2.11.5 (including)	5.2.11.5 (including)
Quick_heal	Cat	11.00 (including)	11.00 (including)
F-prot_antivirus	F-prot	4.6.2.117 (including)	4.6.2.117 (including)
Antivirus	K7computing	9.77.3565 (including)	9.77.3565 (including)
Norman_antivirus_&_antispyware	Norman	6.06.12 (including)	6.06.12 (including)
Rising_antivirus	Rising-global	22.83.00.03 (including)	22.83.00.03 (including)

References

http://osvdb.org/80406
http://osvdb.org/80407
http://osvdb.org/80409
http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005
http://www.securityfocus.com/bid/52585
https://exchange.xforce.ibmcloud.com/vulnerabilities/74241
http://osvdb.org/80406
http://osvdb.org/80407
http://osvdb.org/80409
http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005
http://www.securityfocus.com/bid/52585
https://exchange.xforce.ibmcloud.com/vulnerabilities/74241

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-1426
CWE	https://cwe.mitre.org/data/definitions/264.html