Lucene search

[email protected]CVE-2012-1443

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1443

2012-03-2110:11:48

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-1443

rar file parser

antivirus products

remote attackers

malware detection

vulnerability

6.5 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.

Affected configurations

NVD

Node

ahnlabv3_internet_securityMatch2011.01.18.00

aladdinesafeMatch7.0.17.0

alwilavast_antivirusMatch4.8.1351.0

alwilavast_antivirusMatch5.0.677.0

anti-virusvba32Match3.12.14.2

antiyavl_sdkMatch2.0.3.7

authentiumcommand_antivirusMatch5.2.11.5

avgavg_anti-virusMatch10.0.0.1190

aviraantivirMatch7.11.1.163

bitdefenderbitdefenderMatch7.2

catquick_healMatch11.00

clamavclamavMatch0.96.4

comodocomodo_antivirusMatch7424

emsisoftanti-malwareMatch5.1.0.1

esetnod32_antivirusMatch5795

f-protf-prot_antivirusMatch4.6.2.117

f-securef-secure_anti-virusMatch9.0.16160.0

fortinetfortinet_antivirusMatch4.2.254.0

gdata-softwareg_data_antivirusMatch21

ikarusikarus_virus_utilities_t3_command_line_scannerMatch1.1.97.0

jiangminjiangmin_antivirusMatch13.0.900

k7computingantivirusMatch9.77.3565

kasperskykaspersky_anti-virusMatch7.0.0.125

mcafeegatewayMatch2010.1c

mcafeescan_engineMatch5.400.0.1158

microsoftsecurity_essentialsMatch2.0

normannorman_antivirus_\&_antispywareMatch6.06.12

nprotectnprotect_antivirusMatch2011-01-17.01

pandasecuritypanda_antivirusMatch10.0.2.7

pc_toolspc_tools_antivirusMatch7.0.3.5

rising-globalrising_antivirusMatch22.83.00.03

sophossophos_anti-virusMatch4.61.0

symantecendpoint_protectionMatch11.0

trendmicrohousecallMatch9.120.0.1004

trendmicrotrend_micro_antivirusMatch9.120.0.1004

virusbustervirusbusterMatch13.6.151.0

CPENameOperatorVersion
ahnlab:v3_internet_securityahnlab v3 internet securityeq2011.01.18.00
aladdin:esafealaddin esafeeq7.0.17.0
alwil:avast_antivirusalwil avast antiviruseq4.8.1351.0
alwil:avast_antivirusalwil avast antiviruseq5.0.677.0
anti-virus:vba32anti-virus vba32eq3.12.14.2
antiy:avl_sdkantiy avl sdkeq2.0.3.7
authentium:command_antivirusauthentium command antiviruseq5.2.11.5
avg:avg_anti-virusavg avg anti-viruseq10.0.0.1190
avira:antiviravira antivireq7.11.1.163
bitdefender:bitdefenderbitdefendereq7.2

CPE	Name	Operator	Version
ahnlab:v3_internet_security	ahnlab v3 internet security	eq	2011.01.18.00
aladdin:esafe	aladdin esafe	eq	7.0.17.0
alwil:avast_antivirus	alwil avast antivirus	eq	4.8.1351.0
alwil:avast_antivirus	alwil avast antivirus	eq	5.0.677.0
anti-virus:vba32	anti-virus vba32	eq	3.12.14.2
antiy:avl_sdk	antiy avl sdk	eq	2.0.3.7
authentium:command_antivirus	authentium command antivirus	eq	5.2.11.5
avg:avg_anti-virus	avg avg anti-virus	eq	10.0.0.1190
avira:antivir	avira antivir	eq	7.11.1.163
bitdefender:bitdefender	bitdefender	eq	7.2

Rows per page:

1-10 of 361

References

osvdb.org/80454

osvdb.org/80455

osvdb.org/80456

osvdb.org/80457

osvdb.org/80458

osvdb.org/80459

osvdb.org/80460

osvdb.org/80461

osvdb.org/80467

osvdb.org/80468

osvdb.org/80469

osvdb.org/80470

osvdb.org/80471

osvdb.org/80472

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52612

6.5 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.975 High

EPSS

Percentile

100.0%

JSON

Related for CVE-2012-1443

ubuntucve1 cvelist1 nvd1 checkpoint_advisories1 prion1