Lucene search

[email protected]CVE-2012-1446

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1446

2012-03-2110:11:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-1446

remote code execution

antivirus

elf file

malware detection bypass

security vulnerability

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.973 High

EPSS

Percentile

99.9%

JSON

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CPENameOperatorVersion
norman:norman_antivirus_\&_antispywarenorman norman antivirus \& antispywareeq6.06.12
rising-global:rising_antivirusrising-global rising antiviruseq22.83.00.03
symantec:endpoint_protectionsymantec endpoint protectioneq11.0
sophos:sophos_anti-virussophos sophos anti-viruseq4.61.0
mcafee:gatewaymcafee gatewayeq2010.1c
kaspersky:kaspersky_anti-viruskaspersky kaspersky anti-viruseq7.0.0.125
cat:quick_healcat quick healeq11.00
fortinet:fortinet_antivirusfortinet fortinet antiviruseq4.2.254.0
ca:etrust_vet_antivirusca etrust vet antiviruseq36.1.8511
antiy:avl_sdkantiy avl sdkeq2.0.3.7

CPE	Name	Operator	Version
norman:norman_antivirus_\&_antispyware	norman norman antivirus \& antispyware	eq	6.06.12
rising-global:rising_antivirus	rising-global rising antivirus	eq	22.83.00.03
symantec:endpoint_protection	symantec endpoint protection	eq	11.0
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	4.61.0
mcafee:gateway	mcafee gateway	eq	2010.1c
kaspersky:kaspersky_anti-virus	kaspersky kaspersky anti-virus	eq	7.0.0.125
cat:quick_heal	cat quick heal	eq	11.00
fortinet:fortinet_antivirus	fortinet fortinet antivirus	eq	4.2.254.0
ca:etrust_vet_antivirus	ca etrust vet antivirus	eq	36.1.8511
antiy:avl_sdk	antiy avl sdk	eq	2.0.3.7

Rows per page:

1-10 of 141

References

osvdb.org/80426

osvdb.org/80427

osvdb.org/80428

osvdb.org/80430

osvdb.org/80431

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52600

7.3 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.973 High

EPSS

Percentile

99.9%

JSON

Related for CVE-2012-1446

cvelist1 prion1