▼	URL	Tags
	cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html
	cve@mitre.org	http://osvdb.org/80389
	cve@mitre.org	http://osvdb.org/80390
	cve@mitre.org	http://osvdb.org/80391
	cve@mitre.org	http://osvdb.org/80392
	cve@mitre.org	http://osvdb.org/80393
	cve@mitre.org	http://osvdb.org/80395
	cve@mitre.org	http://osvdb.org/80396
	cve@mitre.org	http://osvdb.org/80403
	cve@mitre.org	http://osvdb.org/80406
	cve@mitre.org	http://osvdb.org/80407
	cve@mitre.org	http://osvdb.org/80409
	cve@mitre.org	http://www.ieee-security.org/TC/SP2012/program.html
	cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2012:094
	cve@mitre.org	http://www.securityfocus.com/archive/1/522005
	cve@mitre.org	http://www.securityfocus.com/bid/52623
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/74302

▼	Vendor	Product
	n/a	n/a

var-201203-0144

Vulnerability from variot

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Multiple products TAR A file parser contains a vulnerability that can prevent malware detection. Different TAR Parser If it is announced that there is also a problem with the implementation of CVE May be split.Corresponding to the length field of the full entry and part of the header of the next entry by a third party TAR Malware detection may be bypassed through archive entries. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bit2defender 7. ============================================================================ Ubuntu Security Notice USN-1482-2 June 20, 2012

clamav regression

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 12.04 LTS
Ubuntu 11.10
Ubuntu 11.04

Summary:

ClamAV could improperly detect malware if it opened a specially crafted file.

Software Description: - clamav: Anti-virus utility for Unix

Details:

USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that ClamAV incorrectly handled certain malformed TAR archives. (CVE-2012-1457, CVE-2012-1459)

It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. (CVE-2012-1458)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04 LTS: clamav 0.97.5+dfsg-1ubuntu0.12.04.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.12.04.2 libclamav6 0.97.5+dfsg-1ubuntu0.12.04.2

Ubuntu 11.10: clamav 0.97.5+dfsg-1ubuntu0.11.10.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.10.2 libclamav6 0.97.5+dfsg-1ubuntu0.11.10.2

Ubuntu 11.04: clamav 0.97.5+dfsg-1ubuntu0.11.04.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.04.2 libclamav6 0.97.5+dfsg-1ubuntu0.11.04.2

In general, a standard system update will make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-1482-2 http://www.ubuntu.com/usn/usn-1482-1 https://launchpad.net/bugs/1015337

Package Information: https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2012:094 http://www.mandriva.com/security/

Package : clamav Date : June 18, 2012 Affected: Enterprise Server 5.0

Problem Description:

This is a bugfix release that upgrades clamav to the latest version (0.97.5) that resolves the following security issues:

The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459 http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.5

Updated Packages:

Mandriva Enterprise Server 5: d82d78601290e2f6073974170c81841a mes5/i586/clamav-0.97.5-0.1mdvmes5.2.i586.rpm 80f0475472c0217afd3727019bf27e53 mes5/i586/clamav-db-0.97.5-0.1mdvmes5.2.i586.rpm c13835eadea8d2af15b628fba3159e8b mes5/i586/clamav-milter-0.97.5-0.1mdvmes5.2.i586.rpm d7c058fae32f1a081b1d4ca31157df0e mes5/i586/clamd-0.97.5-0.1mdvmes5.2.i586.rpm 5ad153709c7eb510c2be2e82bfa5ac52 mes5/i586/libclamav6-0.97.5-0.1mdvmes5.2.i586.rpm 96e3d3f3e9bea802c4109c155c9d1465 mes5/i586/libclamav-devel-0.97.5-0.1mdvmes5.2.i586.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64: b30f5aafd9aaff0a7743fb62f33ccbea mes5/x86_64/clamav-0.97.5-0.1mdvmes5.2.x86_64.rpm 1508801239427c0ac72734f52cb4451c mes5/x86_64/clamav-db-0.97.5-0.1mdvmes5.2.x86_64.rpm 92b4c5ca6db656801b5b6ae217c6e171 mes5/x86_64/clamav-milter-0.97.5-0.1mdvmes5.2.x86_64.rpm 94fad12df2cc900309087bbda13c826a mes5/x86_64/clamd-0.97.5-0.1mdvmes5.2.x86_64.rpm 8ec166a457d0512479adaaf5f80d487f mes5/x86_64/lib64clamav6-0.97.5-0.1mdvmes5.2.x86_64.rpm 19bc2758175bcde28ebf7783d68a9b98 mes5/x86_64/lib64clamav-devel-0.97.5-0.1mdvmes5.2.x86_64.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFP3tnKmqjQ0CJFipgRAj4wAJ9eURS1mZYCZhkmUTVE/U8QAH47MwCgxQzf OUr1QL5Wsvt3KboLKCdYUhE= =1QL7 -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201203-0144",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "virusbuster",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "virusbuster",
        "version": "13.6.151.0"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "comodo",
        "version": "7424"
      },
      {
        "model": "avl sdk",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "antiy",
        "version": "2.0.3.7"
      },
      {
        "model": "command antivirus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "authentium",
        "version": "5.2.11.5"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "avg",
        "version": "10.0.0.1190"
      },
      {
        "model": "bitdefender",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "bitdefender",
        "version": "7.2"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "clamav",
        "version": "0.96.4"
      },
      {
        "model": "anti-malware",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "emsisoft",
        "version": "5.1.0.1"
      },
      {
        "model": "virus utilities t3 command line scanner",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "ikarus",
        "version": "1.1.97.0"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "jiangmin",
        "version": "13.0.900"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "pc tools",
        "version": "7.0.3.5"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "f secure",
        "version": "9.0.16160.0"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "kaspersky",
        "version": "7.0.0.125"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "sophos",
        "version": "4.61.0"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "fortinet",
        "version": "4.2.254.0"
      },
      {
        "model": "scan engine",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "mcafee",
        "version": "5.400.0.1158"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "rising global",
        "version": "22.83.00.03"
      },
      {
        "model": "v3 internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ahnlab",
        "version": "2011.01.18.00"
      },
      {
        "model": "avast antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "alwil",
        "version": "5.0.677.0"
      },
      {
        "model": "housecall",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "9.120.0.1004"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "nprotect",
        "version": "2011-01-17.01"
      },
      {
        "model": "nod32 antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "eset",
        "version": "5795"
      },
      {
        "model": "g data antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "gdata",
        "version": "21"
      },
      {
        "model": "security essentials",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "microsoft",
        "version": "2.0"
      },
      {
        "model": "trend micro antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "trendmicro",
        "version": "9.120.0.1004"
      },
      {
        "model": "f-prot antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f prot",
        "version": "4.6.2.117"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "k7computing",
        "version": "9.77.3565"
      },
      {
        "model": "quick heal",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cat",
        "version": "11.00"
      },
      {
        "model": "vba32",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "anti virus",
        "version": "3.12.14.2"
      },
      {
        "model": "gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "2010.1c"
      },
      {
        "model": "antivir",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "avira",
        "version": "7.11.1.163"
      },
      {
        "model": "avast antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "alwil",
        "version": "4.8.1351.0"
      },
      {
        "model": "endpoint protection",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "11.0"
      },
      {
        "model": "antivirus \\\u0026 antispyware",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "norman",
        "version": "6.06.12"
      },
      {
        "model": "panda antivirus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "pandasecurity",
        "version": "10.0.2.7"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "avast s r o",
        "version": "4.8.1351.0"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "avast s r o",
        "version": "5.0.677.0"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "avira",
        "version": "7.11.1.163"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "rising",
        "version": "22.83.00.03"
      },
      {
        "model": "nod32 anti-virus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "eset",
        "version": "5795"
      },
      {
        "model": "f-prot antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "frisk",
        "version": "4.6.2.117"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "g data",
        "version": "21"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "k7 computing",
        "version": "9.77.3565"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "norman",
        "version": "6.06.12"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nprotect",
        "version": "2011-01-17.01"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "panda security",
        "version": "10.0.2.7"
      },
      {
        "model": "vba32",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "virusblokada",
        "version": "3.12.14.2"
      },
      {
        "model": "v3 internet security",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "unlab",
        "version": "2011.01.18.00"
      },
      {
        "model": "heal",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "quick heal k k",
        "version": "11.00"
      },
      {
        "model": "endpoint protection",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "11"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "9.120.0.1004"
      },
      {
        "model": "housecall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "trend micro",
        "version": "9.120.0.1004"
      },
      {
        "model": "security essentials",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "microsoft",
        "version": "2.0 antimalware engine 1.1.6402.0"
      },
      {
        "model": "web gateway software",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "mcafee",
        "version": "2010.1c"
      },
      {
        "model": "vba32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "virusblokada",
        "version": "3.12.142"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.10"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.10"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.04"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "virusbuster",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "13.6.1510"
      },
      {
        "model": "trend micro",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "9.1201004"
      },
      {
        "model": "housecall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "trend micro",
        "version": "9.1201004"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "20101.3103"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "12.1"
      },
      {
        "model": "opensuse",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "s u s e",
        "version": "11.4"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "rising",
        "version": "22.8303"
      },
      {
        "model": "cat-quickheal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "quick heal",
        "version": "11.00"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "pctools",
        "version": "7.0.35"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "norman",
        "version": "6.6.12"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "1.6402"
      },
      {
        "model": "mcafee-gw-edition 2010.1c",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "enterprise server x86 64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "enterprise server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mandrakesoft",
        "version": "5"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "kaspersky",
        "version": "7.0125"
      },
      {
        "model": "computing pvt ltd k7antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "k7",
        "version": "9.77.3565"
      },
      {
        "model": "jiangmin",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "jiangmin",
        "version": "13.0.900"
      },
      {
        "model": "antivirus t3.1.1.97.0",
        "scope": null,
        "trust": 0.3,
        "vendor": "ikarus",
        "version": null
      },
      {
        "model": "data software gdata",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "g",
        "version": "21"
      },
      {
        "model": "software f-prot antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "frisk",
        "version": "4.6.2117"
      },
      {
        "model": "nod32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "eset",
        "version": "5795"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "emsisoft",
        "version": "5.11"
      },
      {
        "model": "anti-virus clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "clam",
        "version": "0.96.4"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bitdefender",
        "version": "7.2"
      },
      {
        "model": "antivir engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avira",
        "version": "7.11.1163"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avg",
        "version": "10.01190"
      },
      {
        "model": "avast5 antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "5.0.6770"
      },
      {
        "model": "antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avast",
        "version": "4.8.1351.0"
      },
      {
        "model": "command antivirus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "authentium",
        "version": "5.2.115"
      },
      {
        "model": "antiy-avl",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "antiy",
        "version": "2.0.37"
      },
      {
        "model": "engine",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ahnlab",
        "version": "v32011.01.18.00"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "52623"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Suman Jana and Vitaly Shmatikov",
    "sources": [
      {
        "db": "BID",
        "id": "52623"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2012-1459",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2012-1459",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-54740",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-1459",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201203-422",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-54740",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Multiple products TAR A file parser contains a vulnerability that can prevent malware detection. Different TAR Parser If it is announced that there is also a problem with the implementation of CVE May be split.Corresponding to the length field of the full entry and part of the header of the next entry by a third party TAR Malware detection may be bypassed through archive entries. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bit2defender 7. ============================================================================\nUbuntu Security Notice USN-1482-2\nJune 20, 2012\n\nclamav regression\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 11.04\n\nSummary:\n\nClamAV could improperly detect malware if it opened a specially crafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nUSN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail\nto install in certain situations. This update fixes the problem. \n\nWe apologize for the inconvenience. \n\nOriginal advisory details:\n\n It was discovered that ClamAV incorrectly handled certain malformed TAR\n archives. (CVE-2012-1457,\n CVE-2012-1459)\n \n It was discovered that ClamAV incorrectly handled certain malformed CHM\n files. A remote attacker could create a specially-crafted CHM file\n containing malware that could escape being detected. (CVE-2012-1458)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 LTS:\n  clamav                          0.97.5+dfsg-1ubuntu0.12.04.2\n  clamav-daemon                   0.97.5+dfsg-1ubuntu0.12.04.2\n  libclamav6                      0.97.5+dfsg-1ubuntu0.12.04.2\n\nUbuntu 11.10:\n  clamav                          0.97.5+dfsg-1ubuntu0.11.10.2\n  clamav-daemon                   0.97.5+dfsg-1ubuntu0.11.10.2\n  libclamav6                      0.97.5+dfsg-1ubuntu0.11.10.2\n\nUbuntu 11.04:\n  clamav                          0.97.5+dfsg-1ubuntu0.11.04.2\n  clamav-daemon                   0.97.5+dfsg-1ubuntu0.11.04.2\n  libclamav6                      0.97.5+dfsg-1ubuntu0.11.04.2\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n  http://www.ubuntu.com/usn/usn-1482-2\n  http://www.ubuntu.com/usn/usn-1482-1\n  https://launchpad.net/bugs/1015337\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2\n  https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2\n  https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n _______________________________________________________________________\n\n Mandriva Linux Security Advisory                         MDVSA-2012:094\n http://www.mandriva.com/security/\n _______________________________________________________________________\n\n Package : clamav\n Date    : June 18, 2012\n Affected: Enterprise Server 5.0\n _______________________________________________________________________\n\n Problem Description:\n\n This is a bugfix release that upgrades clamav to the latest version\n (0.97.5) that resolves the following security issues:\n \n The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass\n malware detection via a TAR archive entry with a length field that\n exceeds the total TAR file size. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459\n http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.5\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Enterprise Server 5:\n d82d78601290e2f6073974170c81841a  mes5/i586/clamav-0.97.5-0.1mdvmes5.2.i586.rpm\n 80f0475472c0217afd3727019bf27e53  mes5/i586/clamav-db-0.97.5-0.1mdvmes5.2.i586.rpm\n c13835eadea8d2af15b628fba3159e8b  mes5/i586/clamav-milter-0.97.5-0.1mdvmes5.2.i586.rpm\n d7c058fae32f1a081b1d4ca31157df0e  mes5/i586/clamd-0.97.5-0.1mdvmes5.2.i586.rpm\n 5ad153709c7eb510c2be2e82bfa5ac52  mes5/i586/libclamav6-0.97.5-0.1mdvmes5.2.i586.rpm\n 96e3d3f3e9bea802c4109c155c9d1465  mes5/i586/libclamav-devel-0.97.5-0.1mdvmes5.2.i586.rpm \n 203cde43731b63729d1f7f6497033184  mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n b30f5aafd9aaff0a7743fb62f33ccbea  mes5/x86_64/clamav-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 1508801239427c0ac72734f52cb4451c  mes5/x86_64/clamav-db-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 92b4c5ca6db656801b5b6ae217c6e171  mes5/x86_64/clamav-milter-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 94fad12df2cc900309087bbda13c826a  mes5/x86_64/clamd-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 8ec166a457d0512479adaaf5f80d487f  mes5/x86_64/lib64clamav6-0.97.5-0.1mdvmes5.2.x86_64.rpm\n 19bc2758175bcde28ebf7783d68a9b98  mes5/x86_64/lib64clamav-devel-0.97.5-0.1mdvmes5.2.x86_64.rpm \n 203cde43731b63729d1f7f6497033184  mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi.  The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security.  You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n  http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n  security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID     Date       User ID\n pub  1024D/22458A98 2000-07-10 Mandriva Security Team\n  \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.11 (GNU/Linux)\n\niD8DBQFP3tnKmqjQ0CJFipgRAj4wAJ9eURS1mZYCZhkmUTVE/U8QAH47MwCgxQzf\nOUr1QL5Wsvt3KboLKCdYUhE=\n=1QL7\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "db": "BID",
        "id": "52623"
      },
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "db": "PACKETSTORM",
        "id": "115619"
      },
      {
        "db": "PACKETSTORM",
        "id": "113895"
      },
      {
        "db": "PACKETSTORM",
        "id": "113878"
      },
      {
        "db": "PACKETSTORM",
        "id": "113841"
      }
    ],
    "trust": 2.34
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-54740",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-1459",
        "trust": 3.2
      },
      {
        "db": "BID",
        "id": "52623",
        "trust": 1.4
      },
      {
        "db": "OSVDB",
        "id": "80396",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80389",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80391",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80403",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80395",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80390",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80392",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80393",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80409",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80406",
        "trust": 1.1
      },
      {
        "db": "OSVDB",
        "id": "80407",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869",
        "trust": 0.8
      },
      {
        "db": "BUGTRAQ",
        "id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "19231",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "113878",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "115619",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "113895",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-54740",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "113841",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "db": "BID",
        "id": "52623"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "db": "PACKETSTORM",
        "id": "115619"
      },
      {
        "db": "PACKETSTORM",
        "id": "113895"
      },
      {
        "db": "PACKETSTORM",
        "id": "113878"
      },
      {
        "db": "PACKETSTORM",
        "id": "113841"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ]
  },
  "id": "VAR-201203-0144",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:10:08.445000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "AVL SDK",
        "trust": 0.8,
        "url": "http://www.antiy.net/"
      },
      {
        "title": "Command Antivirus",
        "trust": 0.8,
        "url": "http://www.authentium.com/command/csavdownload.html"
      },
      {
        "title": "avast! Antivirus",
        "trust": 0.8,
        "url": "https://www.avast.co.jp/index"
      },
      {
        "title": "AVG Anti-Virus",
        "trust": 0.8,
        "url": "http://www.avgjapan.com/home-small-office-security/buy-antivirus"
      },
      {
        "title": "AntiVir",
        "trust": 0.8,
        "url": "http://www.avira.com/"
      },
      {
        "title": "Rising Antivirus",
        "trust": 0.8,
        "url": "http://www.rising-global.com/"
      },
      {
        "title": "Bitdefender",
        "trust": 0.8,
        "url": "http://www.bitdefender.com/"
      },
      {
        "title": "ClamAV",
        "trust": 0.8,
        "url": "http://www.clamav.net/lang/en/"
      },
      {
        "title": "Comodo Antivirus",
        "trust": 0.8,
        "url": "http://www.comodo.com/home/internet-security/antivirus.php"
      },
      {
        "title": "Emsisoft Anti-Malware",
        "trust": 0.8,
        "url": "http://www.emsisoft.com/en/software/antimalware/"
      },
      {
        "title": "ESET NOD32\u30a2\u30f3\u30c1\u30a6\u30a4\u30eb\u30b9",
        "trust": 0.8,
        "url": "http://www.eset.com/us/"
      },
      {
        "title": "Fortinet Antivirus",
        "trust": 0.8,
        "url": "http://www.fortinet.com/solutions/antivirus.html"
      },
      {
        "title": "F-Prot Antivirus",
        "trust": 0.8,
        "url": "http://www.f-prot.com/index.html"
      },
      {
        "title": "G Data AntiVirus",
        "trust": 0.8,
        "url": "http://www.gdata.co.jp/"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.ikarus.at/en/"
      },
      {
        "title": "Jiangmin Antivirus",
        "trust": 0.8,
        "url": "http://global.jiangmin.com/"
      },
      {
        "title": "K7 AntiVirus",
        "trust": 0.8,
        "url": "http://www.k7computing.com/en/consumer_home.php"
      },
      {
        "title": "McAfee Web Gateway",
        "trust": 0.8,
        "url": "http://www.mcafee.com/us/products/web-gateway.aspx"
      },
      {
        "title": "McAfee Scan Engine",
        "trust": 0.8,
        "url": "http://www.mcafee.com/us/support/support-eol-scan-engine.aspx"
      },
      {
        "title": "Norman Antivirus",
        "trust": 0.8,
        "url": "http://www.norman.com/products/antivirus_antispyware/en"
      },
      {
        "title": "nProtect Anti-Virus",
        "trust": 0.8,
        "url": "http://global.nprotect.com/product/avs.php"
      },
      {
        "title": "openSUSE-SU-2012:0833",
        "trust": 0.8,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
      },
      {
        "title": "Panda Antivirus",
        "trust": 0.8,
        "url": "http://www.ps-japan.co.jp/"
      },
      {
        "title": "PC Tools AntiVirus",
        "trust": 0.8,
        "url": "http://www.pctools.com/jp/spyware-doctor-antivirus/"
      },
      {
        "title": "Quick Heal",
        "trust": 0.8,
        "url": "http://www.quickheal.com/"
      },
      {
        "title": "Sophos Anti-Virus",
        "trust": 0.8,
        "url": "http://www.sophos.com/ja-jp/"
      },
      {
        "title": "Endpoint Protection",
        "trust": 0.8,
        "url": "http://www.symantec.com/ja/jp/endpoint-protection"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://jp.trendmicro.com/jp/home/index.html"
      },
      {
        "title": "Trend Micro HouseCall",
        "trust": 0.8,
        "url": "http://jp.trendmicro.com/jp/tools/housecall/index.html"
      },
      {
        "title": "VBA32",
        "trust": 0.8,
        "url": "http://anti-virus.by/en/index.shtml"
      },
      {
        "title": "VirusBuster",
        "trust": 0.8,
        "url": "http://www.virusbuster.hu/en"
      },
      {
        "title": "V3 Internet Security",
        "trust": 0.8,
        "url": "http://www.ahnlab.co.jp/product_service/product/b2b/v3is8.asp"
      },
      {
        "title": "Kaspersky Anti-Virus",
        "trust": 0.8,
        "url": "http://www.kaspersky.com/kaspersky_anti-virus"
      },
      {
        "title": "Microsoft Security Essentials",
        "trust": 0.8,
        "url": "http://windows.microsoft.com/ja-jp/windows/products/security-essentials"
      },
      {
        "title": "F-Secure Anti-Virus",
        "trust": 0.8,
        "url": "http://www.f-secure.com/ja/web/home_jp/protection/anti-virus/overview"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/archive/1/522005"
      },
      {
        "trust": 1.7,
        "url": "http://www.ieee-security.org/tc/sp2012/program.html"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/52623"
      },
      {
        "trust": 1.1,
        "url": "http://www.mandriva.com/security/advisories?name=mdvsa-2012:094"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80389"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80390"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80391"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80392"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80393"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80395"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80396"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80403"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80406"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80407"
      },
      {
        "trust": 1.1,
        "url": "http://osvdb.org/80409"
      },
      {
        "trust": 1.1,
        "url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1459"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1459"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/19231"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1459"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1458"
      },
      {
        "trust": 0.3,
        "url": "http://www.antiy.net"
      },
      {
        "trust": 0.3,
        "url": "http://www.authentium.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.avast.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.avg.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.avira.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.bitdefender.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.emsisoft.com/en/software/antimalware/"
      },
      {
        "trust": 0.3,
        "url": "http://eset.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.f-prot.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.gdatasoftware.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.ikarus.at"
      },
      {
        "trust": 0.3,
        "url": "http://global.jiangmin.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.k7computing.com/en/product/k7-antivirusplus.php"
      },
      {
        "trust": 0.3,
        "url": "http://www.kaspersky.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.mcafee.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.microsoft.com"
      },
      {
        "trust": 0.3,
        "url": "http://anti-virus-software-review.toptenreviews.com/norman-review.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.pctools.com/spyware-doctor-antivirus/"
      },
      {
        "trust": 0.3,
        "url": "http://www.quickheal.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.rising-global.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.symantec.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.trend.com"
      },
      {
        "trust": 0.3,
        "url": "http://anti-virus.by/en/index.shtml"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/522005"
      },
      {
        "trust": 0.3,
        "url": "http://www.ubuntu.com/usn/usn-1482-1"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1457"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.3"
      },
      {
        "trust": 0.1,
        "url": "http://www.ubuntu.com/usn/usn-1482-3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.3"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/1015405"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/bugs/1015337"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2"
      },
      {
        "trust": 0.1,
        "url": "http://www.ubuntu.com/usn/usn-1482-2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.96.5+dfsg-1ubuntu1.10.04.4"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.1"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/"
      },
      {
        "trust": 0.1,
        "url": "http://www.mandriva.com/security/advisories"
      },
      {
        "trust": 0.1,
        "url": "http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=changelog;hb=clamav-0.97.5"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1457"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1458"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "db": "BID",
        "id": "52623"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "db": "PACKETSTORM",
        "id": "115619"
      },
      {
        "db": "PACKETSTORM",
        "id": "113895"
      },
      {
        "db": "PACKETSTORM",
        "id": "113878"
      },
      {
        "db": "PACKETSTORM",
        "id": "113841"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "db": "BID",
        "id": "52623"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "db": "PACKETSTORM",
        "id": "115619"
      },
      {
        "db": "PACKETSTORM",
        "id": "113895"
      },
      {
        "db": "PACKETSTORM",
        "id": "113878"
      },
      {
        "db": "PACKETSTORM",
        "id": "113841"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-03-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "date": "2012-03-20T00:00:00",
        "db": "BID",
        "id": "52623"
      },
      {
        "date": "2012-03-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "date": "2012-08-17T02:36:21",
        "db": "PACKETSTORM",
        "id": "115619"
      },
      {
        "date": "2012-06-20T03:33:06",
        "db": "PACKETSTORM",
        "id": "113895"
      },
      {
        "date": "2012-06-20T02:54:11",
        "db": "PACKETSTORM",
        "id": "113878"
      },
      {
        "date": "2012-06-19T00:56:02",
        "db": "PACKETSTORM",
        "id": "113841"
      },
      {
        "date": "2012-03-21T10:11:49.597000",
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "date": "2012-03-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-01-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-54740"
      },
      {
        "date": "2015-04-13T22:00:00",
        "db": "BID",
        "id": "52623"
      },
      {
        "date": "2012-07-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      },
      {
        "date": "2018-01-18T02:29:13.273000",
        "db": "NVD",
        "id": "CVE-2012-1459"
      },
      {
        "date": "2012-04-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "115619"
      },
      {
        "db": "PACKETSTORM",
        "id": "113895"
      },
      {
        "db": "PACKETSTORM",
        "id": "113878"
      },
      {
        "db": "PACKETSTORM",
        "id": "113841"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ],
    "trust": 1.0
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple products  TAR Vulnerability that prevents file parsers from detecting malware",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-001869"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201203-422"
      }
    ],
    "trust": 0.6
  }
}

gsd-2012-1459

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Aliases

CVE-2012-1459

Aliases

CVE-2012-1459

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-1459",
    "description": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.",
    "id": "GSD-2012-1459",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-1459.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-1459"
      ],
      "details": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.",
      "id": "GSD-2012-1459",
      "modified": "2023-12-13T01:20:18.772700Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2012-1459",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "openSUSE-SU-2012:0833",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
          },
          {
            "name": "80406",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80406"
          },
          {
            "name": "80393",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80393"
          },
          {
            "name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/522005"
          },
          {
            "name": "80403",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80403"
          },
          {
            "name": "80389",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80389"
          },
          {
            "name": "80391",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80391"
          },
          {
            "name": "80409",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80409"
          },
          {
            "name": "80396",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80396"
          },
          {
            "name": "multiple-av-tar-header-evasion(74302)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
          },
          {
            "name": "80392",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80392"
          },
          {
            "name": "http://www.ieee-security.org/TC/SP2012/program.html",
            "refsource": "MISC",
            "url": "http://www.ieee-security.org/TC/SP2012/program.html"
          },
          {
            "name": "80390",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80390"
          },
          {
            "name": "MDVSA-2012:094",
            "refsource": "MANDRIVA",
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
          },
          {
            "name": "80407",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80407"
          },
          {
            "name": "80395",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/80395"
          },
          {
            "name": "52623",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/52623"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:avira:antivir:7.11.1.163:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:virusbuster:virusbuster:13.6.151.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:4.8.1351.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:alwil:avast_antivirus:5.0.677.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-prot:f-prot_antivirus:4.6.2.117:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ahnlab:v3_internet_security:2011.01.18.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clamav:clamav:0.96.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gdata-software:g_data_antivirus:21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-1459"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/522005"
            },
            {
              "name": "http://www.ieee-security.org/TC/SP2012/program.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.ieee-security.org/TC/SP2012/program.html"
            },
            {
              "name": "openSUSE-SU-2012:0833",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
            },
            {
              "name": "80403",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80403"
            },
            {
              "name": "80393",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80393"
            },
            {
              "name": "80391",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80391"
            },
            {
              "name": "80392",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80392"
            },
            {
              "name": "80406",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80406"
            },
            {
              "name": "80395",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80395"
            },
            {
              "name": "80396",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80396"
            },
            {
              "name": "80389",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80389"
            },
            {
              "name": "80390",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80390"
            },
            {
              "name": "80407",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80407"
            },
            {
              "name": "80409",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/80409"
            },
            {
              "name": "52623",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/52623"
            },
            {
              "name": "multiple-av-tar-header-evasion(74302)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
            },
            {
              "name": "MDVSA-2012:094",
              "refsource": "MANDRIVA",
              "tags": [],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-01-18T02:29Z",
      "publishedDate": "2012-03-21T10:11Z"
    }
  }
}

pysec-2012-26

Vulnerability from pysec

Published

2012-03-21 10:11

Modified

2024-11-21 14:22

Details

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Aliases

CVE-2012-1459

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "bitdefender",
        "purl": "pkg:pypi/bitdefender"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.0.1"
      ]
    }
  ],
  "aliases": [
    "CVE-2012-1459"
  ],
  "details": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.",
  "id": "PYSEC-2012-26",
  "modified": "2024-11-21T14:22:41.220887Z",
  "published": "2012-03-21T10:11:00Z",
  "references": [
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/522005"
    },
    {
      "type": "WEB",
      "url": "http://www.ieee-security.org/TC/SP2012/program.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80403"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80393"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80391"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80392"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80406"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80395"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80396"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80389"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80390"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80407"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80409"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/52623"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
    },
    {
      "type": "ADVISORY",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
    }
  ],
  "withdrawn": "2024-11-22T04:37:03Z"
}

ghsa-6jh3-f3f4-37w5

Vulnerability from github

Published

2022-05-14 03:49

Modified

2022-05-14 03:49

Details

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-1459"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-03-21T10:11:00Z",
    "severity": "MODERATE"
  },
  "details": "The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.",
  "id": "GHSA-6jh3-f3f4-37w5",
  "modified": "2022-05-14T03:49:26Z",
  "published": "2022-05-14T03:49:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-1459"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74302"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80389"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80390"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80391"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80392"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80393"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80395"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80396"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80403"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80406"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80407"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/80409"
    },
    {
      "type": "WEB",
      "url": "http://www.ieee-security.org/TC/SP2012/program.html"
    },
    {
      "type": "WEB",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:094"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/522005"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/52623"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

cve-2012-1459

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature

Action not permitted

cve-2012-1459

Vulnerability from cvelistv5

var-201203-0144

Vulnerability from variot

clamav regression

gsd-2012-1459

Vulnerability from gsd

pysec-2012-26

Vulnerability from pysec

ghsa-6jh3-f3f4-37w5

Vulnerability from github

Tags

Sightings

Nomenclature