Vulnerability in Authentium Command_antivirus
CVE-2012-1420
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Mic…
EPSS: 0.164 (95.0th percentile) — read the EPSS interpretation.
Affected products
- Authentium Command_antivirus — versions 5.2.11.5
- Cat Quick_heal — versions 11.00
- Eset Nod32_antivirus — versions 5795
- Fortinet Fortinet_antivirus — versions 4.2.254.0
- F-prot F-prot_antivirus — versions 4.6.2.117
- K7computing Antivirus — versions 9.77.3565
- Kaspersky Kaspersky_anti-virus — versions 7.0.0.125
- Microsoft Security_essentials — versions 2.0
- Norman Norman_antivirus_\&_antispyware — versions 6.06.12
- Pandasecurity Panda_antivirus — versions 10.0.2.7
Weakness classification (CWE)
References
- 80406 (x_refsource_OSVDB, vdb-entry)
- 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (mailing-list, x_refsource_BUGTRAQ)
- 80403 (x_refsource_OSVDB, vdb-entry)
- 80409 (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_MISC)
- 80407 (x_refsource_OSVDB, vdb-entry)