CVE-2012-1442

EUVD-2012-1465
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
aladdinesafe
7.0.17.0
antiyavl_sdk
2.0.3.7
catquick_heal
11.00
f-securef-secure_anti-virus
9.0.16160.0
fortinetfortinet_antivirus
4.2.254.0
kasperskykaspersky_anti-virus
7.0.0.125
mcafeegateway
2010.1c:c
mcafeescan_engine
5.400.0.1158
pandasecuritypanda_antivirus
10.0.2.7
rising-globalrising_antivirus
22.83.00.03
sophossophos_anti-virus
4.61.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/80426
http://osvdb.org/80427
http://osvdb.org/80428
http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005
http://www.securityfocus.com/bid/52598
http://osvdb.org/80426
http://osvdb.org/80427
http://osvdb.org/80428
http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005
http://www.securityfocus.com/bid/52598