CVE-2012-1429

EUVD-2012-1454

21.03.2012, 10:11

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.3 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:N/C:N/I:P/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 89%

Affected Products (NVD)

Vendor	Product	Version
aladdin	esafe	7.0.17.0
emsisoft	anti-malware	5.1.0.1
f-secure	f-secure_anti-virus	9.0.16160.0
ikarus	ikarus_virus_utilities_t3_command_line_scanner	1.1.97.0
mcafee	gateway	2010.1c:c
mcafee	scan_engine	5.400.0.1158
nprotect	nprotect_antivirus	2011-01-17.01
softwin	bitdefender	7.2

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-264 -

References

http://www.ieee-security.org/TC/SP2012/program.html

http://www.securityfocus.com/archive/1/522005

https://exchange.xforce.ibmcloud.com/vulnerabilities/74244

http://www.ieee-security.org/TC/SP2012/program.html

http://www.securityfocus.com/archive/1/522005

https://exchange.xforce.ibmcloud.com/vulnerabilities/74244