Lucene search

[email protected]CVE-2012-1461

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1461

2012-03-2110:11:00

CWE-264

[email protected]

web.nvd.nist.gov

cve-2012-1461

gzip file parser

antivirus software

remote attackers

bypass malware detection

.tar.gz file

compressed streams

7.4 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.973 High

EPSS

Percentile

99.9%

JSON

The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.

CPENameOperatorVersion
bitdefender:bitdefenderbitdefendereq7.2
norman:norman_antivirus_\&_antispywarenorman norman antivirus \& antispywareeq6.06.12
rising-global:rising_antivirusrising-global rising antiviruseq22.83.00.03
anti-virus:vba32anti-virus vba32eq3.12.14.2
eset:nod32_antiviruseset nod32 antiviruseq5795
trendmicro:housecalltrendmicro housecalleq9.120.0.1004
symantec:endpoint_protectionsymantec endpoint protectioneq11.0
trendmicro:trend_micro_antivirustrendmicro trend micro antiviruseq9.120.0.1004
f-secure:f-secure_anti-virusf-secure f-secure anti-viruseq9.0.16160.0
sophos:sophos_anti-virussophos sophos anti-viruseq4.61.0

CPE	Name	Operator	Version
bitdefender:bitdefender	bitdefender	eq	7.2
norman:norman_antivirus_\&_antispyware	norman norman antivirus \& antispyware	eq	6.06.12
rising-global:rising_antivirus	rising-global rising antivirus	eq	22.83.00.03
anti-virus:vba32	anti-virus vba32	eq	3.12.14.2
eset:nod32_antivirus	eset nod32 antivirus	eq	5795
trendmicro:housecall	trendmicro housecall	eq	9.120.0.1004
symantec:endpoint_protection	symantec endpoint protection	eq	11.0
trendmicro:trend_micro_antivirus	trendmicro trend micro antivirus	eq	9.120.0.1004
f-secure:f-secure_anti-virus	f-secure f-secure anti-virus	eq	9.0.16160.0
sophos:sophos_anti-virus	sophos sophos anti-virus	eq	4.61.0

Rows per page:

1-10 of 201

References

osvdb.org/80500

osvdb.org/80501

osvdb.org/80502

osvdb.org/80503

osvdb.org/80504

osvdb.org/80505

osvdb.org/80506

osvdb.org/80510

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52626

Social References

7.4 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.973 High

EPSS

Percentile

99.9%

JSON

Related for CVE-2012-1461

prion1 cvelist1