CVE-2012-1457

The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK
2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus
10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV
0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe
7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus
Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7
AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus
Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C,
Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32
Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5,
Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint
Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall
9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote
attackers to bypass malware detection via a TAR archive entry with a length
field that exceeds the total TAR file size. NOTE: this may later be SPLIT
into multiple CVEs if additional information is published showing that the
error occurred independently in different TAR parser implementations.

Bugs

• <https://bugzilla.clamav.net/show_bug.cgi?id=4625&gt;