11 matches found
CVE-2012-1459
CVE-2012-1459 affects multiple antivirus products including ClamAV. The issue is a vulnerability in the TAR file parser where a TAR archive entry length field could correspond to the entire entry plus part of the header of the next entry, allowing remote attackers to bypass malware detection. The...
CVE-2012-1443
CVE-2012-1443 describes a bypass in the RAR file parser used by multiple antivirus products (e.g., ClamAV 0.96.4-related integrations and several vendors) where a RAR file starting with an MZ character sequence can be analyzed by user-assisted remote attackers to bypass malware detection. The evi...
CVE-2012-1463
The CVE-2012-1463 entry describes a vulnerability in the ELF file parsers used by multiple antivirus products (e.g., AhnLab V3 Internet Security, Bitdefender, Quick Heal, Command Antivirus, Comodo, eSafe, F-Prot, F-Secure, McAfee, Norman, nProtect, Panda). The issue is a flaw in the ELF parser re...
CVE-2012-1435
The CVE-2012-1435 entry describes a vulnerability in the Microsoft EXE file parser used by several antivirus products (AhnLab V3 Internet Security, Emsisoft Anti-Malware, eSafe, Ikarus, Panda Antivirus). The vulnerability allows remote attackers to bypass malware detection when processing an EXE ...
CVE-2012-1434
The CVE-2012-1434 issue affects multiple AV products implementing the Microsoft EXE file parser: AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7. A crafted EXE containing the byte sequence \19\04\00...
CVE-2012-1436
The CVE-2012-1436 entry concerns the Microsoft EXE file parser used by multiple anti-malware products: AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7. The flaw allows r...
CVE-2012-1462
CVE-2012-1462 describes a vulnerability in the ZIP file parser used by multiple antivirus products (e.g., Symantec Endpoint Protection 11, AhnLab V3 Internet Security, AVG, Quick Heal, Emsisoft Anti-Malware, Sophos, Kaspersky, Fortinet, etc.). The issue allows remote attackers to bypass malware d...
CVE-2008-5520
CVE-2008-5520 affects AhnLab V3 (2008.12.4.1 and possibly 2008.9.13.0) with Internet Explorer 6/7, enabling remote bypass of malware detection in HTML documents by prepending an MZ header (EXE info) and renaming the payload to have no extension, .txt, or .jpg extensions. The connected documents c...
CVE-2012-1433
Technical details about CVE-2012-1433 are not publicly disclosed in the provided documents beyond the description of a file parser bypass. Monitor for updates; no confirmed affected products, vulnerable components, impact, or fixes are specified in the supplied data.
CVE-2007-6060
CVE-2007-6060 affects AhnLab Antivirus 3 Internet Security 2008 Platinum. The ZIP header’s Filename length field can be larger than the actual filename, to which the program appends data, allowing a remote attacker to cause a denial of service (machine crash) and potentially execute arbitrary cod...
CVE-2013-3947
CVE-2013-3947 describes a buffer overflow in MedCoreD.sys within AhnLab V3 Internet Security 8.0.7.5 (Build 1373) that enables local privilege escalation via a crafted IOCTL call 0xA3350014. The vulnerability is triggered in the kernel-mode driver, with exploitation allowing an unprivileged user ...