Lucene search

[email protected]CVE-2012-1442

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1442

2012-03-2110:11:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-1442

elf file

parser

vulnerability

antivirus

quick heal

mcafee

kaspersky

f-secure

sophos

esafe

fortinet

panda

antiy labs

rising antivirus

remote attackers

bypass malware detection

class field

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CPENameOperatorVersion
rising-global:rising_antivirusrising-global rising antiviruseq22.83.00.03
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq9.0.16160.0
sophos:sophos_anti-virussophos sophos anti-viruseq4.61.0
mcafee:gatewaymcafee gatewayeq2010.1c
kaspersky:kaspersky_anti-viruskaspersky kaspersky anti-viruseq7.0.0.125
cat:quick_healcat quick healeq11.00
fortinet:fortinet_antivirusfortinet fortinet antiviruseq4.2.254.0
antiy:avl_sdkantiy avl sdkeq2.0.3.7
aladdin:esafealaddin esafeeq7.0.17.0
pandasecurity:panda_antiviruspandasecurity panda antiviruseq10.0.2.7

CPE	Name	Operator	Version
rising-global:rising_antivirus	rising-global rising antivirus	eq	22.83.00.03
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	9.0.16160.0
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	4.61.0
mcafee:gateway	mcafee gateway	eq	2010.1c
kaspersky:kaspersky_anti-virus	kaspersky kaspersky anti-virus	eq	7.0.0.125
cat:quick_heal	cat quick heal	eq	11.00
fortinet:fortinet_antivirus	fortinet fortinet antivirus	eq	4.2.254.0
antiy:avl_sdk	antiy avl sdk	eq	2.0.3.7
aladdin:esafe	aladdin esafe	eq	7.0.17.0
pandasecurity:panda_antivirus	pandasecurity panda antivirus	eq	10.0.2.7

Rows per page:

1-10 of 111

References

osvdb.org/80426

osvdb.org/80427

osvdb.org/80428

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52598

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

Related for CVE-2012-1442

prion1 cvelist1