Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-1459
HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1459

2012-03-2110:11:49
CWE-264
[email protected]
web.nvd.nist.gov
2

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.975 High

EPSS

Percentile

100.0%

JSON

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Affected configurations

NVD
Node
ahnlabv3_internet_securityMatch2011.01.18.00
OR
alwilavast_antivirusMatch4.8.1351.0
OR
alwilavast_antivirusMatch5.0.677.0
OR
anti-virusvba32Match3.12.14.2
OR
antiyavl_sdkMatch2.0.3.7
OR
authentiumcommand_antivirusMatch5.2.11.5
OR
avgavg_anti-virusMatch10.0.0.1190
OR
aviraantivirMatch7.11.1.163
OR
bitdefenderbitdefenderMatch7.2
OR
catquick_healMatch11.00
OR
clamavclamavMatch0.96.4
OR
comodocomodo_antivirusMatch7424
OR
emsisoftanti-malwareMatch5.1.0.1
OR
esetnod32_antivirusMatch5795
OR
f-protf-prot_antivirusMatch4.6.2.117
OR
f-securef-secure_anti-virusMatch9.0.16160.0
OR
fortinetfortinet_antivirusMatch4.2.254.0
OR
gdata-softwareg_data_antivirusMatch21
OR
ikarusikarus_virus_utilities_t3_command_line_scannerMatch1.1.97.0
OR
jiangminjiangmin_antivirusMatch13.0.900
OR
k7computingantivirusMatch9.77.3565
OR
kasperskykaspersky_anti-virusMatch7.0.0.125
OR
mcafeegatewayMatch2010.1c
OR
mcafeescan_engineMatch5.400.0.1158
OR
microsoftsecurity_essentialsMatch2.0
OR
normannorman_antivirus_\&_antispywareMatch6.06.12
OR
nprotectnprotect_antivirusMatch2011-01-17.01
OR
pandasecuritypanda_antivirusMatch10.0.2.7
OR
pc_toolspc_tools_antivirusMatch7.0.3.5
OR
rising-globalrising_antivirusMatch22.83.00.03
OR
sophossophos_anti-virusMatch4.61.0
OR
symantecendpoint_protectionMatch11.0
OR
trendmicrohousecallMatch9.120.0.1004
OR
trendmicrotrend_micro_antivirusMatch9.120.0.1004
OR
virusbustervirusbusterMatch13.6.151.0

Related

debiancve 1
cve 1
ubuntucve 1
checkpoint_advisories 1
cvelist 1
prion 1
nessus 10
openvas 19
securityvulns 1
ubuntu 3
altlinux 3
suse 1
fedora 4
freebsd 1
debiancve
debiancve
CVE-2012-1459
2012-03-21 10:11:49
cve
cve
CVE-2012-1459
2012-03-21 10:11:49
ubuntucve
ubuntucve
CVE-2012-1459
2012-03-21 00:00:00
checkpoint_advisories
checkpoint_advisories
Multiple Antivirus Products TAR file parser Security Bypass - Ver2 (CVE-2012-1459)
2014-03-03 00:00:00
cvelist
cvelist
CVE-2012-1459
2012-03-21 10:00:00
prion
prion
Code injection
2012-03-21 10:11:00
nessus
nessus
Ubuntu 11.04 / 11.10 / 12.04 LTS : clamav regression (USN-1482-2)
2012-06-20 00:00:00
Fedora 17 : clamav-0.97.5-1700.fc17 (2012-9563)
2012-06-25 00:00:00
ClamAV < 0.97.5 Multiple Vulnerabilities
2012-06-27 00:00:00
openvas
openvas
openSUSE: Security Advisory for ClamAV (openSUSE-SU-2012:0833-1)
2012-12-13 00:00:00
Fedora Update for clamav FEDORA-2013-4818
2013-04-15 00:00:00
Ubuntu Update for clamav USN-1482-3
2012-08-17 00:00:00
securityvulns
securityvulns
ClamAV antivirus multiple security vulnerabilities
2012-06-25 00:00:00
ubuntu
ubuntu
ClamAV regression
2012-06-20 00:00:00
ClamAV regression
2012-08-16 00:00:00
ClamAV vulnerabilities
2012-06-19 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package clamav version 0.97.5-alt1
2012-06-25 00:00:00
Security fix for the ALT Linux 8 package clamav version 0.97.5-alt1
2012-06-25 00:00:00
Security fix for the ALT Linux 9 package clamav version 0.97.5-alt1
2012-06-25 00:00:00
suse
suse
ClamAV: 0.97.5 update (important)
2012-07-04 09:10:22
fedora
fedora
[SECURITY] Fedora 17 Update: clamav-0.97.7-1.fc17
2013-04-12 22:23:41
[SECURITY] Fedora 17 Update: clamav-0.97.5-1700.fc17
2012-06-22 08:33:47
[SECURITY] Fedora 16 Update: clamav-0.97.5-1600.fc16
2012-07-10 20:59:36
freebsd
freebsd
clamav -- multiple vulnerabilities
2012-03-19 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.975 High

EPSS

Percentile

100.0%

JSON
Related for NVD:CVE-2012-1459
debiancve1cve1ubuntucve1checkpoint_advisories1cvelist1prion1nessus10openvas19securityvulns1ubuntu3altlinux3suse1fedora4freebsd1