828 matches found
CVE-2012-1449
The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMajor field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred...
CVE-2012-1445
The ELF file parser in eSafe 7.0.17.0, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abi field. NOTE: this may later be SPLIT into multiple CVEs if additional information...
CVE-2012-1448
The CVE-2012-1448 entry affects multiple AV products and parsers (Quick Heal/Cat QuickHeal 11.00, Trend Micro Antivirus 9.120.0.1004, Ikarus Virus Utilities T3 CLI Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti‑Malware 5.1.0.1). The root cause is a CAB file parser flaw th...
CVE-2012-1452
CVE-2012-1452 affects the CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (Cat QuickHeal) 11.00. It allows remote attackers to bypass malware detection by delivering a CAB file with a modified reserved1 field. The descripti...
CVE-2012-1422
The CVE-2012-1422 entry covers a TAR file-parsing flaw shared by several AV products: Quick Heal (Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03. The issue arises in the TAR parser when processing a POSIX TAR file with an initial ITSF charac...
CVE-2012-1462
CVE-2012-1462 describes a vulnerability in the ZIP file parser used by multiple antivirus products (e.g., Symantec Endpoint Protection 11, AhnLab V3 Internet Security, AVG, Quick Heal, Emsisoft Anti-Malware, Sophos, Kaspersky, Fortinet, etc.). The issue allows remote attackers to bypass malware d...
CVE-2012-1430
The CVE-2012-1430 entry concerns multiple antivirus products (Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, McAfee Scan Engine 5.400.0.1158, McAfee Gateway 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03) whose ELF file parser can be bypassed by ...
CVE-2012-1458
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the...
CVE-2012-1454
The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway formerly Webwasher 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified eiversion field. NOTE:...
CVE-2012-1443
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal aka Cat QuickHeal 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0....
CVE-2012-1426
The TAR file parser in Quick Heal aka Cat QuickHeal 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \42\5A\68...
CVE-2012-1455
The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error...
CVE-2012-1452
The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal aka Cat QuickHeal 11.00 allows remote attackers to bypass malware detection via a CAB file with a modified reserved1 field. NOTE: this may later be SPLIT into multiple CVE...
CVE-2012-1453
CVE-2012-1453 affects multiple antivirus products whose CAB file parsers can bypass malware detection when a CAB file’s coffFiles field is modified. Affected vendors/products include Dr.Web 5.0.2.03300; Trend Micro HouseCall 9.120.0.1004; Kaspersky Anti-Virus 7.0.0.125; Sophos Anti-Virus 4.61.0; ...
CVE-2012-1436
The CVE-2012-1436 entry concerns the Microsoft EXE file parser used by multiple anti-malware products: AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7. The flaw allows r...
CVE-2012-1425
The CVE-2012-1425 entry covers a flaw in the TAR file parser used by multiple antivirus products (e.g., Avira AntiVir, AVL SDK, Quick Heal, Emsisoft, Fortinet, Ikarus, Jiangmin, Kaspersky, McAfee engines, NOD32, Norman, PC Tools, Symantec Endpoint Protection, Trend Micro) where a TAR file beginni...
CVE-2012-1457
CVE-2012-1457 affects the TAR file parser in multiple antivirus products (e.g., ClamAV and others) and allows remote attackers to bypass malware detection by crafting a TAR entry whose length exceeds the TAR file size. Connected advisories confirm this issue across vendor updates (e.g., openSUSE ...
CVE-2012-1422
The TAR file parser in Quick Heal aka Cat QuickHeal 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. NOTE: this may later be SPLIT into multiple...
CVE-2012-1428
The TAR file parser in Quick Heal aka Cat QuickHeal 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs...
CVE-2012-1428
The CVE-2012-1428 entry concerns the TAR file parser in Quick Heal 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0. It states that a POSIX TAR file containing the specific sequence \4a\46\49\46 at a certain location can bypass malware detection. The note indicates the issue may late...