Design/Logic Flaw

2012-03-2110:11:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.971 High

EPSS

Percentile

99.8%

JSON

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CPENameOperatorVersion
quick_healeq11.00
nod32_antiviruseq5795
norman_antivirus_\\&_antispywareeq6.06.12
rising_antiviruseq22.83.00.03

Name	Operator	Version
quick_heal	eq	11.00
nod32_antivirus	eq	5795
norman_antivirus_\\&_antispyware	eq	6.06.12
rising_antivirus	eq	22.83.00.03

References

osvdb.org/80409

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52583