Lucene search

[email protected]CVE-2012-1425

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1425

2012-03-2110:11:47

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-1425

remote code execution

antivirus

tar file parser

vulnerability

security

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.974 High

EPSS

Percentile

99.9%

JSON

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, and Trend Micro HouseCall 9.120.0.1004 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \50\4B\03\04 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Affected configurations

NVD

Node

antiyavl_sdkMatch2.0.3.7

aviraantivirMatch7.11.1.163

catquick_healMatch11.00

emsisoftanti-malwareMatch5.1.0.1

esetnod32_antivirusMatch5795

fortinetfortinet_antivirusMatch4.2.254.0

ikarusikarus_virus_utilities_t3_command_line_scannerMatch1.1.97.0

jiangminjiangmin_antivirusMatch13.0.900

kasperskykaspersky_anti-virusMatch7.0.0.125

mcafeegatewayMatch2010.1c

mcafeescan_engineMatch5.400.0.1158

normannorman_antivirus_\&_antispywareMatch6.06.12

pc_toolspc_tools_antivirusMatch7.0.3.5

symantecendpoint_protectionMatch11.0

trendmicrohousecallMatch9.120.0.1004

trendmicrotrend_micro_antivirusMatch9.120.0.1004

CPENameOperatorVersion
antiy:avl_sdkantiy avl sdkeq2.0.3.7
avira:antiviravira antivireq7.11.1.163
cat:quick_healcat quick healeq11.00
emsisoft:anti-malwareemsisoft anti-malwareeq5.1.0.1
eset:nod32_antiviruseset nod32 antiviruseq5795
fortinet:fortinet_antivirusfortinet fortinet antiviruseq4.2.254.0
ikarus:ikarus_virus_utilities_t3_command_line_scannerikarus ikarus virus utilities t3 command line scannereq1.1.97.0
jiangmin:jiangmin_antivirusjiangmin jiangmin antiviruseq13.0.900
kaspersky:kaspersky_anti-viruskaspersky kaspersky anti-viruseq7.0.0.125
mcafee:gatewaymcafee gatewayeq2010.1c

CPE	Name	Operator	Version
antiy:avl_sdk	antiy avl sdk	eq	2.0.3.7
avira:antivir	avira antivir	eq	7.11.1.163
cat:quick_heal	cat quick heal	eq	11.00
emsisoft:anti-malware	emsisoft anti-malware	eq	5.1.0.1
eset:nod32_antivirus	eset nod32 antivirus	eq	5795
fortinet:fortinet_antivirus	fortinet fortinet antivirus	eq	4.2.254.0
ikarus:ikarus_virus_utilities_t3_command_line_scanner	ikarus ikarus virus utilities t3 command line scanner	eq	1.1.97.0
jiangmin:jiangmin_antivirus	jiangmin jiangmin antivirus	eq	13.0.900
kaspersky:kaspersky_anti-virus	kaspersky kaspersky anti-virus	eq	7.0.0.125
mcafee:gateway	mcafee gateway	eq	2010.1c

Rows per page:

1-10 of 161

References

osvdb.org/80389

osvdb.org/80391

osvdb.org/80392

osvdb.org/80395

osvdb.org/80396

osvdb.org/80403

osvdb.org/80409

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

6.6 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.974 High

EPSS

Percentile

99.9%

JSON

Related for CVE-2012-1425

cvelist1 prion1 nvd1