CVE-2012-1454

21.03.2012, 10:11

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 41%

Vendor	Product	Version
aladdin	esafe	7.0.17.0
drweb	dr.web_antivirus	5.0.2.03300
fortinet	fortinet_antivirus	4.2.254.0
mcafee	gateway	2010.1c:c
pandasecurity	panda_antivirus	10.0.2.7
rising-global	rising_antivirus	22.83.00.03

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-264 -

References

http://osvdb.org/80432

http://www.ieee-security.org/TC/SP2012/program.html

http://www.securityfocus.com/archive/1/522005

http://osvdb.org/80432

http://www.ieee-security.org/TC/SP2012/program.html

http://www.securityfocus.com/archive/1/522005