Lucene search

MitreCVE-2012-1460

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1460

2012-03-2110:11:49

CWE-264

mitre

web.nvd.nist.gov

gzip parser

antiy labs avl sdk

quick heal

command antivirus

malware detection

cve-2012-1460

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.965

Percentile

99.6%

JSON

The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with stray bytes at the end. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.

Affected configurations

Nvd

Node

aladdinesafeMatch7.0.17.0

anti-virusvba32Match3.12.14.2

antiyavl_sdkMatch2.0.3.7

authentiumcommand_antivirusMatch5.2.11.5

catquick_healMatch11.00

f-protf-prot_antivirusMatch4.6.2.117

jiangminjiangmin_antivirusMatch13.0.900

k7computingantivirusMatch9.77.3565

VendorProductVersionCPE
aladdinesafe7.0.17.0cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*
anti-virusvba323.12.14.2cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*
antiyavl_sdk2.0.3.7cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*
authentiumcommand_antivirus5.2.11.5cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*
catquick_heal11.00cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*
f-protf-prot_antivirus4.6.2.117cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*
jiangminjiangmin_antivirus13.0.900cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*
k7computingantivirus9.77.3565cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
aladdin	esafe	7.0.17.0	cpe:2.3:a:aladdin:esafe:7.0.17.0:::::::*
anti-virus	vba32	3.12.14.2	cpe:2.3:a:anti-virus:vba32:3.12.14.2:::::::*
antiy	avl_sdk	2.0.3.7	cpe:2.3:a:antiy:avl_sdk:2.0.3.7:::::::*
authentium	command_antivirus	5.2.11.5	cpe:2.3:a:authentium:command_antivirus:5.2.11.5:::::::*
cat	quick_heal	11.00	cpe:2.3:a:cat:quick_heal:11.00:::::::*
f-prot	f-prot_antivirus	4.6.2.117	cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:::::::*
jiangmin	jiangmin_antivirus	13.0.900	cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:::::::*
k7computing	antivirus	9.77.3565	cpe:2.3:a:k7computing:antivirus:9.77.3565:::::::*

References

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52629

exchange.xforce.ibmcloud.com/vulnerabilities/74308

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.965

Percentile

99.6%

JSON

Related for CVE-2012-1460