Search criteria
105 vulnerabilities found for f-secure_anti-virus by f-secure
FKIE_CVE-2012-1463
Vulnerability from fkie_nvd - Published: 2012-03-21 10:11 - Updated: 2025-04-11 00:51
Severity ?
Summary
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ahnlab | v3_internet_security | 2011.01.18.00 | |
| aladdin | esafe | 7.0.17.0 | |
| authentium | command_antivirus | 5.2.11.5 | |
| bitdefender | bitdefender | 7.2 | |
| cat | quick_heal | 11.00 | |
| comodo | comodo_antivirus | 7424 | |
| f-prot | f-prot_antivirus | 4.6.2.117 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| nprotect | nprotect_antivirus | 2011-01-17.01 | |
| pandasecurity | panda_antivirus | 10.0.2.7 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en AhnLab V3 Internet Security v2011.01.18.00, BitDefender v7.2, Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) v11.00, Command Antivirus v5.2.11.5, Comodo Antivirus v7424, eSafe v7.0.17.0, F-Prot Antivirus v4.6.2.117, F-Secure Anti-Virus v9.0.16160.0, McAfee Anti-Virus Scanning Engine v5.400.0.1158, Norman Antivirus v6.6.12, nProtect anti-Virus v2011-01-17.01, y Panda Antivirus v10.0.2.7 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo ELF con un campo endianness modificado. NOTA: esto m\u00e1s tarde se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF."
}
],
"id": "CVE-2012-1463",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.740",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80426"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80433"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52614"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52614"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1459
Vulnerability from fkie_nvd - Published: 2012-03-21 10:11 - Updated: 2025-04-11 00:51
Severity ?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos TAR en AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, Avira AntiVir versi\u00f3n 7.11.1.163, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, AVG Anti-Virus versi\u00f3n 10.0.0.1190, Bitdefender versi\u00f3n 7.2, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, ClamAV versi\u00f3n 0.96.4, Command Antivirus versi\u00f3n 5.2.11.5, Comodo Antivirus versi\u00f3n 7424, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, F-Prot Antivirus versi\u00f3n 4.6.2.117, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, Fortinet Antivirus versi\u00f3n 4.2.254.0, G Data AntiVirus versi\u00f3n 21, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Jiangmin Antivirus versi\u00f3n 13.0.900, K7 AntiVirus versi\u00f3n 9.77.3565, Kaspersky Anti-Virus versi\u00f3n 7.0.0.125, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, NOD32 Antivirus versi\u00f3n 5795, Norman Antivirus versi\u00f3n 6.06.12, nProtect antivirus versi\u00f3n 2011-01-17.01, Panda Antivirus versi\u00f3n 10.0.2.7, PC Tools AntiVirus versi\u00f3n 7.0.3.5, Rising Antivirus versi\u00f3n 22.83.00.03, Sophos Anti-Virus versi\u00f3n 4.61.0, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, VBA32 versi\u00f3n 3.12.14.2 y VirusBuster versi\u00f3n 13.6.151.0, permite a los atacantes remotos omitir la detecci\u00f3n de malware por medio de una entrada de archivo TAR con un campo de longitud correspondiente a toda la entrada, adem\u00e1s de parte del encabezado de la siguiente entrada. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador de TAR."
}
],
"id": "CVE-2012-1459",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.597",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80389"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80390"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80391"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80392"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80393"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80395"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80396"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80403"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80406"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80407"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80409"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80392"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80406"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52623"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1461
Vulnerability from fkie_nvd - Published: 2012-03-21 10:11 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| anti-virus | vba32 | 3.12.14.2 | |
| authentium | command_antivirus | 5.2.11.5 | |
| avg | avg_anti-virus | 10.0.0.1190 | |
| bitdefender | bitdefender | 7.2 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| eset | nod32_antivirus | 5795 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| jiangmin | jiangmin_antivirus | 13.0.900 | |
| k7computing | antivirus | 9.77.3565 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| norman | norman_antivirus_\&_antispyware | 6.06.12 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 | |
| symantec | endpoint_protection | 11.0 | |
| trendmicro | housecall | 9.120.0.1004 | |
| trendmicro | trend_micro_antivirus | 9.120.0.1004 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos Gzip en AVG Anti-Virus 10.0.0.1190, BitDefender 7.2, Command Antivirus 5.2.11.5, a-squared Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Utilities Ikarus Virus T3 de l\u00ednea de comandos esc\u00e1ner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 06.06.12, 22.83.00.03 Rising Antivirus, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, y 3.12.14.2 VBA32 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo. tar.gz con varias secuencias comprimidas. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador Gzip."
}
],
"id": "CVE-2012-1461",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:49.677",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80500"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80501"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80502"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80503"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80504"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80505"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80506"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80510"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80506"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52626"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1442
Vulnerability from fkie_nvd - Published: 2012-03-21 10:11 - Updated: 2025-04-11 00:51
Severity ?
Summary
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| antiy | avl_sdk | 2.0.3.7 | |
| cat | quick_heal | 11.00 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| fortinet | fortinet_antivirus | 4.2.254.0 | |
| kaspersky | kaspersky_anti-virus | 7.0.0.125 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| pandasecurity | panda_antivirus | 10.0.2.7 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en Quick Heal (tambi\u00e9n conocido como Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (anteriormente Webwasher) 2010.1C, eSafe 7.0.17.0,, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti -Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0 Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, y Panda Antivirus 10.0.2.7 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un ELF archivo con un campo class modificado. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF."
}
],
"id": "CVE-2012-1442",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:48.037",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80426"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80427"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80428"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80426"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80428"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52598"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1443
Vulnerability from fkie_nvd - Published: 2012-03-21 10:11 - Updated: 2025-04-11 00:51
Severity ?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0B91745E-EA83-4C70-BF2D-45A3678FA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A3A2FBE-3113-4CCB-8FCF-54CBD78FDF52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7877C5C9-C4CA-406F-A61A-EAFBA846A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "38855431-9C17-41FE-8325-A3304DECAC92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
"matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
"matchCriteriaId": "62B656B8-A7FB-4451-8A32-CB7AB74165F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "343D3F40-E028-4AEE-82A4-0A17C1D1ED13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
"matchCriteriaId": "953C363B-AD5B-4C53-AAF0-AB6BA4040D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
"matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
"matchCriteriaId": "DA047323-54B7-460B-9AA0-88C3C4183218",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
"matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
"matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C382AA8-5E99-4669-9825-F5BBEEC12907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D95F8C32-D238-493F-A28D-8A588E8ADD13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "410EEFDA-CFE6-4DDE-B661-BB01009B0E60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
"matchCriteriaId": "32C656A2-AAAC-494A-A981-A83144070857",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos RAR en ClamAV versi\u00f3n 0.96.4, Rising Antivirus versi\u00f3n 22.83.00.03, Quick Heal (tambi\u00e9n se conoce como Cat QuickHeal) versi\u00f3n 11.00, G Data AntiVirus versi\u00f3n 21, AVEngine versi\u00f3n 20101.3.0.103 en Symantec Endpoint Protection versi\u00f3n 11, Command Antivirus versi\u00f3n 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner versi\u00f3n 1.1.97.0, Emsisoft Anti-Malware versi\u00f3n 5.1.0.1, PC Tools AntiVirus versi\u00f3n 7.0.3.5, F-Prot Antivirus versi\u00f3n 4.6.2.117, VirusBuster versi\u00f3n 13.6.151.0, Fortinet antivirus versi\u00f3n 4.2.254.0, Antiy Labs AVL SDK versi\u00f3n 2.0.3.7, K7 AntiVirus versi\u00f3n 9.77.3565, Trend Micro HouseCall versi\u00f3n 9.120.0.1004, Kaspersky Antivirus versi\u00f3n 7.0.0.125, Jiangmin Antivirus versi\u00f3n 13.0.900, Antimalware Engine versi\u00f3n 1.1.6402.0 en Microsoft Security Essentials versi\u00f3n 2.0, Sophos Anti-Virus versi\u00f3n 4.61.0, NOD32 Antivirus versi\u00f3n 5795, Avira AntiVir versi\u00f3n 7.11.1.163, Norman Antivirus versi\u00f3n 6.06.12, McAfee Anti-Virus Scanning Engine versi\u00f3n 5.400.0.1158, Panda Antivirus versi\u00f3n 10.0.2.7, McAfee Gateway (anteriormente Webwasher) versi\u00f3n 2010.1C, Trend Micro AntiVirus versi\u00f3n 9.120.0.1004, Comodo Antivirus versi\u00f3n 7424, Bitdefender versi\u00f3n 7.2, eSafe versi\u00f3n 7.0.17.0, F-Secure Anti-Virus versi\u00f3n 9.0.16160.0, nProtect Versi\u00f3n antivirus 2011-01-17.01, AhnLab V3 Internet Security versi\u00f3n 2011.01.18.00, AVG Anti-Virus versi\u00f3n 10.0.0.1190, avast! antivirus versiones 4.8.1351.0 y 5.0.677.0, y VBA32 versi\u00f3n 3.12.14.2, permite a los atacantes remotos asistidos por el usuario omitir la detecci\u00f3n de malware por medio de un archivo RAR con una inicial Secuencia de caracteres MZ. NOTA: esto puede ser m\u00e1s tarde SPLIT en varios CVE si se publica informaci\u00f3n adicional que muestra que el error se produjo de manera independiente en diferentes implementaciones de analizador RAR."
}
],
"id": "CVE-2012-1443",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:48.083",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80454"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80455"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80456"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80457"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80458"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80459"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80460"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80461"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80467"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80468"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80469"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80470"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80471"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/80472"
},
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80454"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80456"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80458"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80459"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/80472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52612"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1431
Vulnerability from fkie_nvd - Published: 2012-03-21 10:11 - Updated: 2025-04-11 00:51
Severity ?
Summary
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| authentium | command_antivirus | 5.2.11.5 | |
| bitdefender | bitdefender | 7.2 | |
| comodo | comodo_antivirus | 7424 | |
| f-prot | f-prot_antivirus | 4.6.2.117 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| mcafee | gateway | 2010.1c | |
| nprotect | nprotect_antivirus | 2011-01-17.01 | |
| rising-global | rising_antivirus | 22.83.00.03 | |
| sophos | sophos_anti-virus | 4.61.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
"matchCriteriaId": "961708EB-3124-4147-A36D-BAD9241D0C88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en BitDefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (anteriormente Webwasher) 2010.1C, nProtect anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, y Rising Antivirus 22.83.00.03 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo ELF con una secuencia de caracteres \\ 4a \\ 46 \\ 49 \\ 46 en una determinada ubicaci\u00f3n. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF."
}
],
"id": "CVE-2012-1431",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:47.630",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1429
Vulnerability from fkie_nvd - Published: 2012-03-21 10:11 - Updated: 2025-04-11 00:51
Severity ?
Summary
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | esafe | 7.0.17.0 | |
| comodo | comodo_antivirus | 7424 | |
| emsisoft | anti-malware | 5.1.0.1 | |
| f-secure | f-secure_anti-virus | 9.0.16160.0 | |
| ikarus | ikarus_virus_utilities_t3_command_line_scanner | 1.1.97.0 | |
| mcafee | gateway | 2010.1c | |
| mcafee | scan_engine | 5.400.0.1158 | |
| nprotect | nprotect_antivirus | 2011-01-17.01 | |
| softwin | bitdefender | 7.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6590DF-9164-4A76-ADEE-9110C5E3588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
"matchCriteriaId": "803A9A92-A984-43A8-8D27-C9A6FDB19A9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
"matchCriteriaId": "D386C31F-6114-4A15-B0D5-15686D7EF8B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:softwin:bitdefender:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2C5A38BE-5D75-404F-AE34-7663D3E17927",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
},
{
"lang": "es",
"value": "El analizador de archivos ELF en BitDefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus motor de Detecci\u00f3n de 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C y nProtect anti-Virus 2011-01-17.01 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo ELF con una secuencia de caracteres ustar en un lugar determinado. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador. ELF"
}
],
"id": "CVE-2012-1429",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-03-21T10:11:47.550",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1425
Vulnerability from fkie_nvd - Published: 2010-04-15 21:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "8584A696-5D15-4D14-A2C2-E0821844FB78",
"versionEndIncluding": "9.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:6.62:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "F073E513-A598-4421-936B-6264122CFB81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:7.0:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "6136A4CA-E833-43AF-8D32-B0DB3D812E56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:anti-virus:7.10:-:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "30602BA3-9043-4E51-9457-16D8D1464EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E805B40A-9534-4215-9F8B-D533C06666AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "F83DDDED-51E8-43DE-BBA8-4AD36F920BF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53919A2E-99A6-4896-9B23-F8DEA62FB006",
"versionEndIncluding": "2010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:*:*:*:*:*:*",
"matchCriteriaId": "C586FEDB-4335-47FF-81C0-301F5CD80799",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2.16:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "1473BDA6-ADD8-41C0-95DD-D82A1317FB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:*:*:*:*:*:*",
"matchCriteriaId": "B91DB04A-B6AA-4FDA-B3A1-9E46EC27078D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50:*:linux:*:*:*:*:*",
"matchCriteriaId": "55C7A7CD-1BAB-475A-BEC1-3AFD15366103",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80681B-B124-4797-BD0C-C137C189C8F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_1:*:linux:*:*:*:*:*",
"matchCriteriaId": "8C7F4E22-8609-4111-A588-BBA6CFBE3EB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_2:*:*:*:*:*:*:*",
"matchCriteriaId": "137DBA10-602D-4D34-8AC1-998AD1229820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.50_hotfix_2:*:linux:*:*:*:*:*",
"matchCriteriaId": "0AB5C071-A13A-4E32-9F40-E41B47D053BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "D606B8B1-C3A7-4110-8610-23FC8E90B30F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51_hotfix_2:*:*:*:*:*:*:*",
"matchCriteriaId": "A60DEC4D-FD5B-41B3-9BEB-3EF0641C0F05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51_hotfix_2:*:linux:*:*:*:*:*",
"matchCriteriaId": "DF853D24-E54D-4B0C-B78B-B1EBF29A3481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:*:*:*:*:*:*",
"matchCriteriaId": "8E705203-E0A9-4F66-8393-926958DF1A59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux:*:*:*:*:*",
"matchCriteriaId": "59824214-B535-400D-9614-797F61F81062",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
"matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:*:*:*:*:*:*",
"matchCriteriaId": "698A033B-181B-4BD6-9004-BA120D84EE31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA02414-2DD5-4AC2-963E-8B98BAB128B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "5A277838-B3AE-45E4-9E1D-005F63FB7573",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.61:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "33C62796-C9C0-485E-A58B-6510AFA80F33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFCD75B-B0FA-4811-AC26-2FFC217D17B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.62:*:samba_servers:*:*:*:*:*",
"matchCriteriaId": "8A2035B9-D6DE-4091-84B0-EC73F491EC43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:*:*:*:*:*:*",
"matchCriteriaId": "BB5F8A5E-5C5B-4C2D-A69E-671D03AEABF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "2F448567-DCAB-4B5F-B939-5B630A5A9B70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.64:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "A49C5BE3-EF09-4B73-A8F7-95B428EB28F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:*:*:*:*:*:*",
"matchCriteriaId": "EC9A3CF8-E32C-4C60-91B1-A4C651437F00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_gateways:*:*:*:*:*",
"matchCriteriaId": "46D73A43-3FBF-422D-B3CF-136F4B7A9A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.65:*:linux_servers:*:*:*:*:*",
"matchCriteriaId": "58668CA2-425C-470E-BA2A-E791EEED6046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C51DBF04-31F1-42C7-9442-559A0AF52CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "016877EA-FBDE-4E49-8077-CFFCFB8E7DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "8CFC86C0-2E3E-4057-808C-358B4B0463F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8549318-DCD7-420A-AAD6-CE1D7E167E20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:*:*:*:*:*:*",
"matchCriteriaId": "30E93E69-FE42-4E90-9306-C3A9A6CAAE2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "857DC5D0-BAE2-47DE-92A3-63F4960A8022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.01:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "789D6655-F3FF-4F6C-BAF6-452D6ECA207B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB606BE-CCA7-41BF-AB9F-E7C362FBADA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E92D04F2-5029-445C-ADF5-4FCC11E658BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "04041776-EA80-406D-BCAF-EAD1F6FAD53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "095A03CE-6B8F-4275-87BE-44E807F97939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
"matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "A8B5F6AF-561B-45B4-8087-D637FAB9E877",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "B7D558FE-0C41-4FC1-AF94-2CDE69FF8CD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E0A121-7894-4E38-9295-3A4BFB8B8749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_client_security:*:*:*:*:*",
"matchCriteriaId": "17C7BE07-1D72-4E06-BDD4-0281BE35CAA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.11:*:linux_server_security:*:*:*:*:*",
"matchCriteriaId": "FE057604-B92A-4B69-9CD5-189A33C90A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:*:*:*:*:*:*",
"matchCriteriaId": "71DDEE06-C625-44F5-8D39-156088563F64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.40:*:workstations:*:*:*:*:*",
"matchCriteriaId": "461627F0-2CEF-4623-B38E-6B30059B0B40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:*:*:*:*:*:*",
"matchCriteriaId": "216282DF-8055-4691-93C7-8152B2F761BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "9528ACFA-2A1C-4292-BDB6-93041E9CE97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
"matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:*:*:*:*:*:*",
"matchCriteriaId": "510A1602-D3D1-4CCE-9FB8-29D8F4E05924",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:file_servers:*:*:*:*:*",
"matchCriteriaId": "035181DB-9366-42A7-B783-3E8415FA8FBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:*:*:*:*:*:*",
"matchCriteriaId": "15D9B8B6-1B7E-4FB1-85CD-695C39927463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.43:*:workstations:*:*:*:*:*",
"matchCriteriaId": "352EE11B-2385-4359-BEA1-706FEA3E9D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "5F5C145F-C336-4FD0-8262-2CBDE3FBA12B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.44:*:workstations:*:*:*:*:*",
"matchCriteriaId": "D35E1591-553E-42F0-AE3E-16A2A5640F9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:*:*:*:*:*:*",
"matchCriteriaId": "CBDF39BC-ED88-4E49-97A5-4E2B7BB001F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "2CFD7DE5-37B0-4AA9-8026-D13EFA31DDA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.51:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "99727375-701D-4AD9-9410-B69B7603807C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "112A4C41-3201-4BDA-BC08-355A4B9C2347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:citrix_servers:*:*:*:*:*",
"matchCriteriaId": "CAB9474C-A4F9-45C0-A77C-34B794AE2262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
"matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "0D47BE5A-D3C9-4B97-AFB1-633AE69F911E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "AD772D28-E146-470A-AAD6-838587420FAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "38F12483-2AAA-4269-BE97-65E80CE09C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.54:*:client_security:*:*:*:*:*",
"matchCriteriaId": "6D9796D5-C957-410D-96A8-7C1AC1D614A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:*:*:*:*:*:*",
"matchCriteriaId": "F44D5E36-58AC-417E-91F0-C7F9D4B8D34B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.55:*:client_security:*:*:*:*:*",
"matchCriteriaId": "94B734B9-4D8C-4195-AA01-83DDEC535BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.56:*:*:*:*:*:*:*",
"matchCriteriaId": "9EDFA260-07D3-463D-BDAA-4C6F9F4D52FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "1EBB5C76-E785-4A1D-A855-21F346ABA3B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.61:*:mimesweeper:*:*:*:*:*",
"matchCriteriaId": "AEF8C12D-ADF4-4FAE-8B13-B69BFA5AFF2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "86D92D81-A2F8-47F0-8A79-2318A19D9CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:client_security:*:*:*:*:*",
"matchCriteriaId": "F874EF46-3E17-4A51-A576-7E0BFE1FD4EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.01:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "1171FFA9-4898-4174-AD17-C6E47A120585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:*:*:*:*:*:*",
"matchCriteriaId": "5145EA79-BB99-4DF6-82CD-539AFBE393CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F1F7D7-2F21-46EC-8991-F565556AFDAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.02:*:client_security:*:*:*:*:*",
"matchCriteriaId": "995DCFD5-5745-48E6-BC0E-B8AE3F194CFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:firewalls:*:*:*:*:*",
"matchCriteriaId": "A937E670-6263-4497-B17F-1D19D48ED6CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.2:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "4401535F-9AC5-4419-A6B6-9A877887A3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "366ED344-85B2-418D-90E6-19B27260B465",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.03:*:client_security:*:*:*:*:*",
"matchCriteriaId": "2B5FC2F8-A355-4964-B908-0DCC00734BB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:*:*:*:*:*:*",
"matchCriteriaId": "C35B56AC-3C96-43C4-88D0-FAB97C3C28BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:*:*:*:*:*:*",
"matchCriteriaId": "18A8AA65-9B9E-419C-9D1C-D5A88778D8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "97610DB9-0379-4EB3-95E6-9B5C21E5A6E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC32B19D-E275-4D63-A9CA-403D7B87DD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.30_sr1:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "5777A2C3-5EB0-495E-8E0E-94BCA86D5E4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:*:*:*:*:*:*",
"matchCriteriaId": "CBCFE4AA-9E83-442B-89F9-413BBA5A31F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.31:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "2D43D811-F305-4709-9C43-862A7FC783B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:*:*:*:*:*:*",
"matchCriteriaId": "4F78CC67-B3AA-4503-9F49-7E605C230816",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.40:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "375B5B66-822B-4142-BAA3-0928DE7A8D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:*:*:*:*:*:*",
"matchCriteriaId": "410D9937-4480-482C-A672-8F578EF1F0D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.60:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "3F1CCFFE-4745-46BE-840F-F658245A6058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:*:*:*:*:*:*",
"matchCriteriaId": "EBB2803F-8685-4803-9C93-E9D4A672D333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.61:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "880E04C0-42C2-4261-92D1-CF83133567F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "163EACA6-64CC-4554-BE19-52AB02D1F67D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:client_security:*:*:*:*:*",
"matchCriteriaId": "D990AE62-7B09-4DA8-ADB7-3CBA2DF18683",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:ms_exchange:*:*:*:*:*",
"matchCriteriaId": "C2BF5C8E-D1C4-4082-AFBE-8A8413CE1392",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:windows_servers:*:*:*:*:*",
"matchCriteriaId": "BED6F056-D9E2-4799-A432-DC07F8154AA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.00:*:workstations:*:*:*:*:*",
"matchCriteriaId": "4382A281-75F3-455C-B7EF-8514531C17C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "B028C22E-399E-4A90-9673-64E4D510273E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "7C2C1784-2482-4CBE-BE6D-4519C3FB64BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "62204373-31FA-4F28-AA22-D4D6F3B80F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C8609465-1436-4F50-B7EE-0DF9DA7AA4CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C319-313F-4CA5-9B37-D9860071E763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FA805B86-7E74-4E27-A06D-41F86FDFAAA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.03:*:*:*:*:*:*:*",
"matchCriteriaId": "85517B0C-8C1A-4306-8466-2C138AD0709A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:6.04:*:*:*:*:*:*:*",
"matchCriteriaId": "F0657810-2CB9-4887-8AA2-3E0927937820",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.01:*:*:*:*:*:*:*",
"matchCriteriaId": "59FA86FF-A114-44EB-884A-766BEE17FD5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5CD2B3CE-78CC-4BE7-80EB-25675371B5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_citrix_servers:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "3776E315-E935-4422-A3F3-F6D261DFDB86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3346E2B-C289-41A2-80B6-D8DA7697CC32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:4.65:*:*:*:*:*:*:*",
"matchCriteriaId": "04102648-2C1C-420E-BBF7-5C948F0EE479",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:6.62:*:*:*:*:*:*:*",
"matchCriteriaId": "D622E750-A9AB-4EF3-BC2F-D7C3FFE8C961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "85EEA770-211A-4568-BB9F-9FE76D7BFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "06C05AE3-5003-44B0-BAFB-F5081373994F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_mimesweeper:5.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C03EB725-E91E-4CA3-A903-0CD45D7EE2F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_windows_servers:8.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6FC68767-4F85-4D80-AB6C-38A3362144A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F7B8FE8-8458-4C38-8FE6-6A7BEA28EB0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:5.44:*:*:*:*:*:*:*",
"matchCriteriaId": "9848B969-A0A4-4F38-9C6C-79395EFF8254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "605AB820-8069-430A-89AC-3E0122EB3B96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9F9488-8DA8-48A9-9A11-B5E0D7AA9A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8C775FD8-A757-41A6-BBC3-29BC9D2D12A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1BF1F7-8570-46A8-BDFE-43720C44576E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9523BF6D-AF64-4CFE-B017-695B6BB175C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E77AB622-B899-46FD-9DFA-1964B57A9458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DB2DD7-86DC-440A-B8D9-0A84034E808F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E53728-0B65-48C4-A812-8915BFC5A51A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F433148-3A0B-4F84-B4FB-A8EFFCB22EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "66AB396E-475C-404F-BEE1-66DE9C3A7555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6FC4F-F768-43FF-9627-DF41CD7D799C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.54:*:*:*:*:*:*:*",
"matchCriteriaId": "105743CC-1365-404D-9B3D-0CDBFDF4BB33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8900048F-8EAB-4BF7-98C1-57F8DA49AF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A53E8102-9A65-45FD-AFDE-25861BC49B7B",
"versionEndIncluding": "2010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "89DC5D86-0C4A-4F94-83A2-DB21B868ACCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "89A0FDD3-3364-4452-BD6F-EB6F85D3119A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "94858828-3626-4654-AB6A-597A49C79284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C0DCADF7-B044-4646-B215-52685609ED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D77467E5-A143-4720-93EE-29B399417065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:home_server_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "5399311C-0418-45CA-9FED-082D9B484D68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:-:linux:*:*:*:*:*",
"matchCriteriaId": "1312B800-FE46-4D50-82E8-76201A8C3228",
"versionEndIncluding": "4.02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:-:windows:*:*:*:*:*",
"matchCriteriaId": "06B35ABF-C401-4DF4-9935-55E797E60220",
"versionEndIncluding": "6.61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
},
{
"lang": "es",
"value": "F-Secure Internet Security 2010 y anteriores; Anti-Virus para Microsoft Exchange 9 y anteriores, y para MIMEsweeper v5.61 y anteriores; Internet Gatekeeper para Windows v6.61 y anteriores, y para Linux v4.02 y anteriores; Anti-Virus 2010 y anteriores; Home Server Security 2009; Protection Service para Consumers 9 y anteriores, para Business - Workstation security 9 y anteriores, para Business - Server Security 8 y anteriores, y para E-mail y Server security 9 y anteriores; Mac Protection build 8060 y anteriores; Client Security 9 y anteriores; y varios productos Anti-Virus para Windows, Linux, y Citrix no detectan adecuadamente malware en archivos (1) 7Z, (2) GZIP, (3) CAB, o (4) RAR manipulados, lo que facilita a atacantes evitar la detecci\u00f3n."
}
],
"id": "CVE-2010-1425",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-15T21:30:00.383",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39396"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023841"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023842"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023843"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39396"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023841"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-6085
Vulnerability from fkie_nvd - Published: 2009-02-06 11:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "B028C22E-399E-4A90-9673-64E4D510273E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "62204373-31FA-4F28-AA22-D4D6F3B80F9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "4B68C319-313F-4CA5-9B37-D9860071E763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_citrix_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7C3858F1-B23F-4E45-BD23-C8262AD37F50",
"versionEndIncluding": "7.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D0AD44-C784-4019-B92C-A368092C815C",
"versionEndIncluding": "7.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:6.62:*:*:*:*:*:*:*",
"matchCriteriaId": "D622E750-A9AB-4EF3-BC2F-D7C3FFE8C961",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_microsoft_exchange:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "85EEA770-211A-4568-BB9F-9FE76D7BFCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_mimesweeper:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6FA161-27C8-40A5-BAF7-4907D67E3C82",
"versionEndIncluding": "5.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_windows_servers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDF7866B-1F6D-49C8-8013-2A6974D42D95",
"versionEndIncluding": "8.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7D9F9488-8DA8-48A9-9A11-B5E0D7AA9A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8C775FD8-A757-41A6-BBC3-29BC9D2D12A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3E6352-6BF9-4FE6-A572-07A31972A28D",
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "9523BF6D-AF64-4CFE-B017-695B6BB175C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "E77AB622-B899-46FD-9DFA-1964B57A9458",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:5.53:*:*:*:*:*:*:*",
"matchCriteriaId": "F8DB2DD7-86DC-440A-B8D9-0A84034E808F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BD6D628-460F-4AF7-971E-401D58E48AF1",
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.30:*:*:*:*:*:*:*",
"matchCriteriaId": "66AB396E-475C-404F-BEE1-66DE9C3A7555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_server_security:5.52:*:*:*:*:*:*:*",
"matchCriteriaId": "D0E6FC4F-F768-43FF-9627-DF41CD7D799C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5AE9AF-11E3-4CC5-BEE7-6ED5CF6FCEA5",
"versionEndIncluding": "7.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8FC353-E7D7-4097-B206-C0ACB654E0E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_home_server_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "13A9FDBE-1AAD-435A-BECF-2871864EAFA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4664D4A0-EB01-4274-9E1D-8EA5313F935A",
"versionEndIncluding": "2.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_gatekeeper_for_windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C73ADB10-61D7-46E9-B293-1C798E297A5F",
"versionEndIncluding": "6.61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:7.02:*:*:*:*:*:*:*",
"matchCriteriaId": "89DC5D86-0C4A-4F94-83A2-DB21B868ACCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:second:*:*:*:*:*",
"matchCriteriaId": "94858828-3626-4654-AB6A-597A49C79284",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D77467E5-A143-4720-93EE-29B399417065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_linux_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6ED823-E3F3-4444-86B5-BBD6D711B5B9",
"versionEndIncluding": "7.01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A5B1FA4-33A1-4EAD-A20F-C9A4AD64939C",
"versionEndIncluding": "5.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_messaging_security_gateway:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "25DB325A-39E6-4938-9761-D8DCD5A57C96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2E6D2C-5520-41DE-AF1D-7E47F9A99CE7",
"versionEndIncluding": "3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:3.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6123A21D-BBB4-48D8-9701-7BFB637628C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C339068C-F74F-4B4B-AD15-09457CC85458",
"versionEndIncluding": "8.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:5.00:*:*:*:*:*:*:*",
"matchCriteriaId": "F11E5127-4DC8-48A4-9AF5-1C148B71C7E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:6.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB0D1BB-B119-4996-859A-39348AEF36B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:7.00:*:*:*:*:*:*:*",
"matchCriteriaId": "721447B1-F577-48AB-A312-34306C485866",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en m\u00faltiples productos antivirus de F-Secure, incluyendo Internet Security 2006 hasta 2008, Anti-Virus 2006 hasta 2008, y otros, cuando ha sido configurado para escanear ficheros comprimidos internamente, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero comprimido RPM manipulado, lo que provocar\u00e1 un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2008-6085",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-02-06T11:30:00.467",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32352"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31846"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021073"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31846"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1412
Vulnerability from fkie_nvd - Published: 2008-03-20 10:44 - Updated: 2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9A6B8424-EED8-4A09-9A9C-FC5F76A9FAF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "1106DE08-DE9A-488B-8C5D-28E353CDEEEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C8609465-1436-4F50-B7EE-0DF9DA7AA4CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "B47EC4EB-268A-4BB9-820D-AA3DB8D1A655",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1566EBF3-230F-415F-8E0A-1D55A35ABB50",
"versionEndIncluding": "6.04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE3B1C3-BBCF-4C7E-87B4-418E850CE097",
"versionEndIncluding": "4.65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_for_workstations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C103D696-73C5-4582-8DD4-B292467F4F20",
"versionEndIncluding": "7.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus_linux_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D3E6352-6BF9-4FE6-A572-07A31972A28D",
"versionEndIncluding": "5.54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_client_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDAB6D4E-4897-4E83-B601-169D93EC50EE",
"versionEndIncluding": "7.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C788A5AB-C847-476C-9767-C6711F2D4EA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "3972C7F1-8B78-4A5D-8A75-C6CA01E997DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2007:second_edition:*:*:*:*:*:*",
"matchCriteriaId": "C0DCADF7-B044-4646-B215-52685609ED49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "08ED9945-DC9F-4F4F-B2EB-B63986BCC7D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_s60:2nd_edition:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C6312D-350F-4E12-ABB6-4748CB286D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_windows_mobile:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5BA3FA3-3D16-4958-AC75-7380EFE8948A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_windows_mobile:6:*:*:*:*:*:*:*",
"matchCriteriaId": "757E27BF-8CC3-41E5-8348-350CFDAC4BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_antivirus_for_windows_mobile:2003:*:*:*:*:*:*:*",
"matchCriteriaId": "39318388-DD54-4304-9C7D-6F7C1584D68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_mobile_security_for_series_80:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C3454E64-9E87-4707-BC02-5A881F443084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A2E6D2C-5520-41DE-AF1D-7E47F9A99CE7",
"versionEndIncluding": "3.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-secure:f-secure_protection_service_for_consumers:*:*:*:*:*:*:*:*",
"matchCriteriaId": "604EFE23-657D-406F-81BF-17BA524E8423",
"versionEndIncluding": "7.00",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en multiples productos anti-virus de F-Secure, incluidos Internet Security 2006 hasta 2008, Anti-Virus 2006 hasta 2008 y otros, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (suspender o parar) utilizando un archivo defectuoso que provocar\u00e1 un excepci\u00f3n no manejada, como se ha demostrado por el paquete de pruebas PROTOS GENOME para formatos de archivo."
}
],
"id": "CVE-2008-1412",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-20T10:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29397"
},
{
"source": "cve@mitre.org",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28282"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019618"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019619"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019620"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29397"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019618"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-1443 (GCVE-0-2012-1443)
Vulnerability from cvelistv5 – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80471"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80472",
"refsource": "OSVDB",
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"refsource": "OSVDB",
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"refsource": "OSVDB",
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"refsource": "OSVDB",
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"refsource": "OSVDB",
"url": "http://osvdb.org/80460"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"refsource": "OSVDB",
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"refsource": "OSVDB",
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"refsource": "OSVDB",
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"refsource": "OSVDB",
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"refsource": "OSVDB",
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"refsource": "OSVDB",
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"refsource": "OSVDB",
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"refsource": "OSVDB",
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"refsource": "OSVDB",
"url": "http://osvdb.org/80471"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1443",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1463 (GCVE-0-2012-1463)
Vulnerability from cvelistv5 – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52614"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52614"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"refsource": "OSVDB",
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52614"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1463",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:02.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1429 (GCVE-0-2012-1429)
Vulnerability from cvelistv5 – Published: 2012-03-21 10:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1429",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1459 (GCVE-0-2012-1459)
Vulnerability from cvelistv5 – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"refsource": "OSVDB",
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"refsource": "OSVDB",
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"refsource": "OSVDB",
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1459",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1431 (GCVE-0-2012-1431)
Vulnerability from cvelistv5 – Published: 2012-03-21 10:00 – Updated: 2024-09-17 03:27
VLAI?
Summary
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-03-21T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1431",
"datePublished": "2012-03-21T10:00:00Z",
"dateReserved": "2012-02-29T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:21.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1442 (GCVE-0-2012-1442)
Vulnerability from cvelistv5 – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52598"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52598"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"refsource": "OSVDB",
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52598"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"refsource": "OSVDB",
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1442",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1461 (GCVE-0-2012-1461)
Vulnerability from cvelistv5 – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80510"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80510"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80502",
"refsource": "OSVDB",
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"refsource": "OSVDB",
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"refsource": "OSVDB",
"url": "http://osvdb.org/80506"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"refsource": "OSVDB",
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"refsource": "OSVDB",
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"refsource": "OSVDB",
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"refsource": "OSVDB",
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"refsource": "OSVDB",
"url": "http://osvdb.org/80510"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1461",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1425 (GCVE-0-2010-1425)
Vulnerability from cvelistv5 – Published: 2010-04-15 21:12 – Updated: 2024-09-17 02:41
VLAI?
Summary
F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1023841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-15T21:12:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1023841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1023841",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"name": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1425",
"datePublished": "2010-04-15T21:12:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-17T02:41:53.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6085 (GCVE-0-2008-6085)
Vulnerability from cvelistv5 – Published: 2009-02-06 11:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021073"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6085",
"datePublished": "2009-02-06T11:00:00",
"dateReserved": "2009-02-05T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1412 (GCVE-0-2008-1412)
Vulnerability from cvelistv5 – Published: 2008-03-20 10:00 – Updated: 2024-08-07 08:24
VLAI?
Summary
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:41.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28282"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019618"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28282"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019618"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-2.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28282"
},
{
"name": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html",
"refsource": "MISC",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019618"
},
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1412",
"datePublished": "2008-03-20T10:00:00",
"dateReserved": "2008-03-19T00:00:00",
"dateUpdated": "2024-08-07T08:24:41.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1443 (GCVE-0-2012-1443)
Vulnerability from nvd – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80471"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80460"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80471"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1443",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80472",
"refsource": "OSVDB",
"url": "http://osvdb.org/80472"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "52612",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52612"
},
{
"name": "80467",
"refsource": "OSVDB",
"url": "http://osvdb.org/80467"
},
{
"name": "80461",
"refsource": "OSVDB",
"url": "http://osvdb.org/80461"
},
{
"name": "80470",
"refsource": "OSVDB",
"url": "http://osvdb.org/80470"
},
{
"name": "80460",
"refsource": "OSVDB",
"url": "http://osvdb.org/80460"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80468",
"refsource": "OSVDB",
"url": "http://osvdb.org/80468"
},
{
"name": "80456",
"refsource": "OSVDB",
"url": "http://osvdb.org/80456"
},
{
"name": "80457",
"refsource": "OSVDB",
"url": "http://osvdb.org/80457"
},
{
"name": "80458",
"refsource": "OSVDB",
"url": "http://osvdb.org/80458"
},
{
"name": "80454",
"refsource": "OSVDB",
"url": "http://osvdb.org/80454"
},
{
"name": "80455",
"refsource": "OSVDB",
"url": "http://osvdb.org/80455"
},
{
"name": "80459",
"refsource": "OSVDB",
"url": "http://osvdb.org/80459"
},
{
"name": "80469",
"refsource": "OSVDB",
"url": "http://osvdb.org/80469"
},
{
"name": "80471",
"refsource": "OSVDB",
"url": "http://osvdb.org/80471"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1443",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1463 (GCVE-0-2012-1463)
Vulnerability from nvd – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:02.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52614"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52614"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80433",
"refsource": "OSVDB",
"url": "http://osvdb.org/80433"
},
{
"name": "52614",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52614"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
},
{
"name": "multiple-av-elf-file-evasion(74311)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74311"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1463",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:02.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1429 (GCVE-0-2012-1429)
Vulnerability from nvd – Published: 2012-03-21 10:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1429",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "multiple-av-elf-ustar-evasion(74244)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74244"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1429",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1459 (GCVE-0-2012-1459)
Vulnerability from nvd – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-17T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "openSUSE-SU-2012:0833",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80392"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52623"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1459",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2012:0833",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
},
{
"name": "80406",
"refsource": "OSVDB",
"url": "http://osvdb.org/80406"
},
{
"name": "80393",
"refsource": "OSVDB",
"url": "http://osvdb.org/80393"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80403",
"refsource": "OSVDB",
"url": "http://osvdb.org/80403"
},
{
"name": "80389",
"refsource": "OSVDB",
"url": "http://osvdb.org/80389"
},
{
"name": "80391",
"refsource": "OSVDB",
"url": "http://osvdb.org/80391"
},
{
"name": "80409",
"refsource": "OSVDB",
"url": "http://osvdb.org/80409"
},
{
"name": "80396",
"refsource": "OSVDB",
"url": "http://osvdb.org/80396"
},
{
"name": "multiple-av-tar-header-evasion(74302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
},
{
"name": "80392",
"refsource": "OSVDB",
"url": "http://osvdb.org/80392"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80390",
"refsource": "OSVDB",
"url": "http://osvdb.org/80390"
},
{
"name": "MDVSA-2012:094",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
},
{
"name": "80407",
"refsource": "OSVDB",
"url": "http://osvdb.org/80407"
},
{
"name": "80395",
"refsource": "OSVDB",
"url": "http://osvdb.org/80395"
},
{
"name": "52623",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52623"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1459",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1431 (GCVE-0-2012-1431)
Vulnerability from nvd – Published: 2012-03-21 10:00 – Updated: 2024-09-17 03:27
VLAI?
Summary
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-03-21T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1431",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Gateway (formerly Webwasher) 2010.1C, nProtect Anti-Virus 2011-01-17.01, Sophos Anti-Virus 4.61.0, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via an ELF file with a \\4a\\46\\49\\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1431",
"datePublished": "2012-03-21T10:00:00Z",
"dateReserved": "2012-02-29T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:21.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1442 (GCVE-0-2012-1442)
Vulnerability from nvd – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:00.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52598"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80426"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-28T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52598"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80426"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80427",
"refsource": "OSVDB",
"url": "http://osvdb.org/80427"
},
{
"name": "52598",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52598"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80428",
"refsource": "OSVDB",
"url": "http://osvdb.org/80428"
},
{
"name": "80426",
"refsource": "OSVDB",
"url": "http://osvdb.org/80426"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1442",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:00.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1461 (GCVE-0-2012-1461)
Vulnerability from nvd – Published: 2012-03-21 10:00 – Updated: 2024-08-06 19:01
VLAI?
Summary
The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:01:01.258Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/80510"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-10T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "80502",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80506"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/80510"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "80502",
"refsource": "OSVDB",
"url": "http://osvdb.org/80502"
},
{
"name": "52626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52626"
},
{
"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"name": "80504",
"refsource": "OSVDB",
"url": "http://osvdb.org/80504"
},
{
"name": "80506",
"refsource": "OSVDB",
"url": "http://osvdb.org/80506"
},
{
"name": "http://www.ieee-security.org/TC/SP2012/program.html",
"refsource": "MISC",
"url": "http://www.ieee-security.org/TC/SP2012/program.html"
},
{
"name": "80500",
"refsource": "OSVDB",
"url": "http://osvdb.org/80500"
},
{
"name": "80505",
"refsource": "OSVDB",
"url": "http://osvdb.org/80505"
},
{
"name": "80501",
"refsource": "OSVDB",
"url": "http://osvdb.org/80501"
},
{
"name": "80503",
"refsource": "OSVDB",
"url": "http://osvdb.org/80503"
},
{
"name": "80510",
"refsource": "OSVDB",
"url": "http://osvdb.org/80510"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1461",
"datePublished": "2012-03-21T10:00:00",
"dateReserved": "2012-02-29T00:00:00",
"dateUpdated": "2024-08-06T19:01:01.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1425 (GCVE-0-2010-1425)
Vulnerability from nvd – Published: 2010-04-15 21:12 – Updated: 2024-09-17 02:41
VLAI?
Summary
F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.158Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1023841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-15T21:12:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1023841",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1425",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and for MIMEsweeper 5.61 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, and for Linux 4.02 and earlier; Anti-Virus 2010 and earlier; Home Server Security 2009; Protection Service for Consumers 9 and earlier, for Business - Workstation security 9 and earlier, for Business - Server Security 8 and earlier, and for E-mail and Server security 9 and earlier; Mac Protection build 8060 and earlier; Client Security 9 and earlier; and various Anti-Virus products for Windows, Linux, and Citrix; does not properly detect malware in crafted (1) 7Z, (2) GZIP, (3) CAB, or (4) RAR archives, which makes it easier for remote attackers to avoid detection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1023841",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023841"
},
{
"name": "1023842",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023842"
},
{
"name": "1023843",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023843"
},
{
"name": "39396",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39396"
},
{
"name": "ADV-2010-0855",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0855"
},
{
"name": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2010-1.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1425",
"datePublished": "2010-04-15T21:12:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-17T02:41:53.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-6085 (GCVE-0-2008-6085)
Vulnerability from nvd – Published: 2009-02-06 11:00 – Updated: 2024-08-07 11:20
VLAI?
Summary
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:20:25.110Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31846",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021073"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31846",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021073"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6085",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31846",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31846"
},
{
"name": "1021073",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021073"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-3.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-3.shtml"
},
{
"name": "32352",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32352"
},
{
"name": "ADV-2008-2874",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2874"
},
{
"name": "fsecure-multipleproducts-rpm-bo(46016)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6085",
"datePublished": "2009-02-06T11:00:00",
"dateReserved": "2009-02-05T00:00:00",
"dateUpdated": "2024-08-07T11:20:25.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1412 (GCVE-0-2008-1412)
Vulnerability from nvd – Published: 2008-03-20 10:00 – Updated: 2024-08-07 08:24
VLAI?
Summary
Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:24:41.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28282"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019618"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29397"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-03-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28282"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019618"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29397"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, allows remote attackers to execute arbitrary code or cause a denial of service (hang or crash) via a malformed archive that triggers an unhandled exception, as demonstrated by the PROTOS GENOME test suite for Archive Formats."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-mimesweeper-hotfixes.shtml"
},
{
"name": "http://www.f-secure.com/security/fsc-2008-2.shtml",
"refsource": "CONFIRM",
"url": "http://www.f-secure.com/security/fsc-2008-2.shtml"
},
{
"name": "fsecure-archives-code-execution(41234)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41234"
},
{
"name": "ADV-2008-0903",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0903/references"
},
{
"name": "28282",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28282"
},
{
"name": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html",
"refsource": "MISC",
"url": "http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html"
},
{
"name": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml",
"refsource": "CONFIRM",
"url": "http://support.f-secure.com/enu/corporate/downloads/hotfixes/av-cs-hotfixes.shtml"
},
{
"name": "1019620",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019620"
},
{
"name": "1019619",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019619"
},
{
"name": "1019618",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019618"
},
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/"
},
{
"name": "29397",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29397"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1412",
"datePublished": "2008-03-20T10:00:00",
"dateReserved": "2008-03-19T00:00:00",
"dateUpdated": "2024-08-07T08:24:41.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}