[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-1426Date: (C)2012-03-21   (M)2023-12-22


The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial 425A68 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
http://www.securityfocus.com/archive/1/522005
BID-52585
OSVDB-80406
OSVDB-80407
OSVDB-80409
http://www.ieee-security.org/TC/SP2012/program.html
multiple-av-tar-evasion-cve20121426(74241)

CPE    5
cpe:/a:cat:quick_heal:11.00
cpe:/a:k7computing:antivirus:9.77.3565
cpe:/a:f-prot:f-prot_antivirus:4.6.2.117
cpe:/a:authentium:command_antivirus:5.2.11.5
...
CWE    1
CWE-264

© SecPod Technologies