20 matches found
CVE-2012-1459
CVE-2012-1459 affects multiple antivirus products including ClamAV. The issue is a vulnerability in the TAR file parser where a TAR archive entry length field could correspond to the entire entry plus part of the header of the next entry, allowing remote attackers to bypass malware detection. The...
CVE-2012-1457
CVE-2012-1457 affects the TAR file parser in multiple antivirus products (e.g., ClamAV and others) and allows remote attackers to bypass malware detection by crafting a TAR entry whose length exceeds the TAR file size. Connected advisories confirm this issue across vendor updates (e.g., openSUSE ...
CVE-2012-1443
CVE-2012-1443 describes a bypass in the RAR file parser used by multiple antivirus products (e.g., ClamAV 0.96.4-related integrations and several vendors) where a RAR file starting with an MZ character sequence can be analyzed by user-assisted remote attackers to bypass malware detection. The evi...
CVE-2012-1461
The CVE-2012-1461 entry documents a vulnerability in the Gzip file parser used by multiple antivirus products (e.g., AVG, Bitdefender, Kaspersky, Symantec Endpoint Protection, Trend Micro, and others) that allows remote attackers to bypass malware detection by delivering a .tar.gz file containing...
CVE-2012-1456
The CVE-2012-1456 entry concerns a vulnerability in the TAR file parser across multiple AV products (AVG, Quick Heal, Comodo, Emsisoft, eSafe, F-Prot, Fortinet, Ikarus, Jiangmin, Kaspersky, McAfee, Norman, Panda, Rising, Sophos, AVEngine 20101.3.0.103 in Symantec Endpoint Protection, Trend Micro)...
CVE-2012-1423
The CVE-2012-1423 entry covers a TAR file parser flaw affecting multiple antivirus products (Command Antivirus 5.2.11.5; Emsisoft Anti-Malware 5.1.0.1; F-Prot Antivirus 4.6.2.117; Fortinet Antivirus 4.2.254.0; Ikarus T3 CLI Scanner 1.1.97.0; K7 AntiVirus 9.77.3565; NOD32 5795; Norman 6.06.12; PC ...
CVE-2012-1429
The CVE-2012-1429 entry concerns an ELF file parser flaw affecting multiple antivirus products (Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus T3 CLI, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway 201...
CVE-2012-1435
The CVE-2012-1435 entry describes a vulnerability in the Microsoft EXE file parser used by several antivirus products (AhnLab V3 Internet Security, Emsisoft Anti-Malware, eSafe, Ikarus, Panda Antivirus). The vulnerability allows remote attackers to bypass malware detection when processing an EXE ...
CVE-2012-1434
The CVE-2012-1434 issue affects multiple AV products implementing the Microsoft EXE file parser: AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7. A crafted EXE containing the byte sequence \19\04\00...
CVE-2012-1462
CVE-2012-1462 describes a vulnerability in the ZIP file parser used by multiple antivirus products (e.g., Symantec Endpoint Protection 11, AhnLab V3 Internet Security, AVG, Quick Heal, Emsisoft Anti-Malware, Sophos, Kaspersky, Fortinet, etc.). The issue allows remote attackers to bypass malware d...
CVE-2012-1436
The CVE-2012-1436 entry concerns the Microsoft EXE file parser used by multiple anti-malware products: AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Panda Antivirus 10.0.2.7. The flaw allows r...
CVE-2012-1432
The CVE-2012-1432 entry describes a vulnerability in the Microsoft EXE file parser used by several antivirus products (Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Ikarus Virus Utilities T3 CLI Scanner 1.1.97.0, Panda Antivirus 10.0.2.7) where remote attackers can bypass malware detection by an...
CVE-2012-1433
Technical details about CVE-2012-1433 are not publicly disclosed in the provided documents beyond the description of a file parser bypass. Monitor for updates; no confirmed affected products, vulnerable components, impact, or fixes are specified in the supplied data.
CVE-2012-1453
CVE-2012-1453 affects multiple antivirus products whose CAB file parsers can bypass malware detection when a CAB file’s coffFiles field is modified. Affected vendors/products include Dr.Web 5.0.2.03300; Trend Micro HouseCall 9.120.0.1004; Kaspersky Anti-Virus 7.0.0.125; Sophos Anti-Virus 4.61.0; ...
CVE-2012-1425
The CVE-2012-1425 entry covers a flaw in the TAR file parser used by multiple antivirus products (e.g., Avira AntiVir, AVL SDK, Quick Heal, Emsisoft, Fortinet, Ikarus, Jiangmin, Kaspersky, McAfee engines, NOD32, Norman, PC Tools, Symantec Endpoint Protection, Trend Micro) where a TAR file beginni...
CVE-2012-1450
The CVE-2012-1450 issue concerns the CAB file parser in three products: Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0. A modified CAB file reserved3 field can allow remote attackers to bypass malware detection, indicating a pa...
CVE-2012-1451
The CVE-2012-1451 entry concerns the CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 . The vulnerability allows remote attackers to bypass malware detection by processing a CAB file with a modified reserved2 field, indicating a parsing ...
CVE-2012-1448
The CVE-2012-1448 entry affects multiple AV products and parsers (Quick Heal/Cat QuickHeal 11.00, Trend Micro Antivirus 9.120.0.1004, Ikarus Virus Utilities T3 CLI Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti‑Malware 5.1.0.1). The root cause is a CAB file parser flaw th...
CVE-2012-1452
CVE-2012-1452 affects the CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (Cat QuickHeal) 11.00. It allows remote attackers to bypass malware detection by delivering a CAB file with a modified reserved1 field. The descripti...
CVE-2019-7651
CVE-2019-7651 affects EPP.sys in Emsisoft Anti‑Malware prior to 2018.12. The root cause is that Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN, so files and directories inside the \.\EPP device are not properly protected, enabling unintended impersonation or object creation due ...