22 matches found
CVE-2012-1459
CVE-2012-1459 affects multiple antivirus products including ClamAV. The issue is a vulnerability in the TAR file parser where a TAR archive entry length field could correspond to the entire entry plus part of the header of the next entry, allowing remote attackers to bypass malware detection. The...
CVE-2012-1457
CVE-2012-1457 affects the TAR file parser in multiple antivirus products (e.g., ClamAV and others) and allows remote attackers to bypass malware detection by crafting a TAR entry whose length exceeds the TAR file size. Connected advisories confirm this issue across vendor updates (e.g., openSUSE ...
CVE-2012-1443
CVE-2012-1443 describes a bypass in the RAR file parser used by multiple antivirus products (e.g., ClamAV 0.96.4-related integrations and several vendors) where a RAR file starting with an MZ character sequence can be analyzed by user-assisted remote attackers to bypass malware detection. The evi...
CVE-2012-1456
The CVE-2012-1456 entry concerns a vulnerability in the TAR file parser across multiple AV products (AVG, Quick Heal, Comodo, Emsisoft, eSafe, F-Prot, Fortinet, Ikarus, Jiangmin, Kaspersky, McAfee, Norman, Panda, Rising, Sophos, AVEngine 20101.3.0.103 in Symantec Endpoint Protection, Trend Micro)...
CVE-2012-1463
The CVE-2012-1463 entry describes a vulnerability in the ELF file parsers used by multiple antivirus products (e.g., AhnLab V3 Internet Security, Bitdefender, Quick Heal, Command Antivirus, Comodo, eSafe, F-Prot, F-Secure, McAfee, Norman, nProtect, Panda). The issue is a flaw in the ELF parser re...
CVE-2012-1442
The CVE-2012-1442 entry concerns an ELF file parser flaw that affects multiple antivirus products (e.g., Quick Heal/Cat QuickHeal 11.00, McAfee AV/Engine 5.400.0.1158, McAfee Gateway 2010.1C, eSafe 7.0.17.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, Sophos 4.61.0, AVL SDK 2.0.3.7, Rising 22.83.0...
CVE-2012-1419
CVE-2012-1419 concerns the TAR file parser in ClamAV 0.96.4 and Quick Heal (Cat QuickHeal) 11.00, where a remote attacker can bypass malware detection by providing a POSIX TAR file beginning with an [aliases] sequence. The issue is limited to the TAR parser logic as described; no other components...
CVE-2012-1420
The CVE-2012-1420 entry concerns multiple antivirus products (Quick Heal/Cat QuickHeal 11.00; Command Antivirus 5.2.11.5; F-Prot 4.6.2.117; Fortinet 4.2.254.0; K7 9.77.3565; Kaspersky 7.0.0.125; Antimalware Engine 1.1.6402.0; Microsoft Security Essentials 2.0; NOD32 5795; Norman 6.06.12; Panda 10...
CVE-2012-1462
CVE-2012-1462 describes a vulnerability in the ZIP file parser used by multiple antivirus products (e.g., Symantec Endpoint Protection 11, AhnLab V3 Internet Security, AVG, Quick Heal, Emsisoft Anti-Malware, Sophos, Kaspersky, Fortinet, etc.). The issue allows remote attackers to bypass malware d...
CVE-2012-1460
Technical details are not publicly available in the provided documents; monitor for updates.
CVE-2005-3399
CVE-2005-3399 relates to an interpretation error in CAT-QuickHeal 8.0 where a file type misclassification occurs due to an “MZ” magic-byte sequence (typically EXE) present in BAT/HTML/EML content. This causes the file to be treated as a safe type that could still be executed as a dangerous file o...
CVE-2012-1426
The CVE-2012-1426 entry describes a vulnerability in the TAR file parser used by Quick Heal (Cat QuickHeal) 11.00 and several antivirus products (Command Antivirus 5.2.11.5, F-Prot 4.6.2.117, K7 AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03) where a POSIX TAR file containing an initial ...
CVE-2012-1446
The CVE-2012-1446 entry describes a vulnerability in multiple antivirus/ELF parsers where an ELF file with a modified encoding field can bypass malware detection. Affected products include Quick Heal (Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Symantec Endpoint Protecti...
CVE-2012-1421
The CVE-2012-1421 entry affects the TAR file parser in Quick Heal 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11. The flaw allows remote attackers to bypass malware detection by feeding a POSIX TAR file with an initial ...
CVE-2012-1425
The CVE-2012-1425 entry covers a flaw in the TAR file parser used by multiple antivirus products (e.g., Avira AntiVir, AVL SDK, Quick Heal, Emsisoft, Fortinet, Ikarus, Jiangmin, Kaspersky, McAfee engines, NOD32, Norman, PC Tools, Symantec Endpoint Protection, Trend Micro) where a TAR file beginni...
CVE-2012-1428
The CVE-2012-1428 entry concerns the TAR file parser in Quick Heal 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0. It states that a POSIX TAR file containing the specific sequence \4a\46\49\46 at a certain location can bypass malware detection. The note indicates the issue may late...
CVE-2012-1424
The CVE-2012-1424 entry relates to a vulnerability in the TAR file parser used by multiple products: Antiy Labs AVL SDK 2.0.3.7, Quick Heal (Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0. The issue allows remo...
CVE-2012-1422
The CVE-2012-1422 entry covers a TAR file-parsing flaw shared by several AV products: Quick Heal (Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03. The issue arises in the TAR parser when processing a POSIX TAR file with an initial ITSF charac...
CVE-2012-1448
The CVE-2012-1448 entry affects multiple AV products and parsers (Quick Heal/Cat QuickHeal 11.00, Trend Micro Antivirus 9.120.0.1004, Ikarus Virus Utilities T3 CLI Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti‑Malware 5.1.0.1). The root cause is a CAB file parser flaw th...
CVE-2012-1427
CVE-2012-1427 affects the TAR file parser in Quick Heal (Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0. The vulnerability allows remote attackers to bypass malware detection by crafting a POSIX TAR file containing a specific character sequence (encoded as �... in th...
CVE-2005-3231
CAT Quick Heal is affected by a vulnerability described as a multiple interpretation error in unspecified versions, allowing remote attackers to bypass virus detection. The attack involves a malicious executable contained in a specially crafted RAR file with malformed central and local headers, w...
CVE-2012-1452
CVE-2012-1452 affects the CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (Cat QuickHeal) 11.00. It allows remote attackers to bypass malware detection by delivering a CAB file with a modified reserved1 field. The descripti...