What is CVE-2012-1459?

CVE-2012-1459 is a vulnerability in Ahnlab V3_internet_security, classified under CWE-264. Published 2012-03-21.

Is CVE-2012-1459 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Ahnlab V3_internet_security

CVE-2012-1459

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal)…

EPSS: 0.795 (99.1th percentile) — read the EPSS interpretation.

Affected products

Ahnlab V3_internet_security — versions 2011.01.18.00
Alwil Avast_antivirus — versions 4.8.1351.0, 5.0.677.0
Anti-virus Vba32 — versions 3.12.14.2
Antiy Avl_sdk — versions 2.0.3.7
Authentium Command_antivirus — versions 5.2.11.5
Avg Avg_anti-virus — versions 10.0.0.1190
Avira Antivir — versions 7.11.1.163
Bitdefender — versions 7.2
Cat Quick_heal — versions 11.00
Clamav — versions 0.96.4

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

References

openSUSE-SU-2012:0833 (vendor-advisory, x_refsource_SUSE)
80406 (x_refsource_OSVDB, vdb-entry)
80393 (x_refsource_OSVDB, vdb-entry)
20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (mailing-list, x_refsource_BUGTRAQ)
80403 (x_refsource_OSVDB, vdb-entry)
80389 (x_refsource_OSVDB, vdb-entry)
80391 (x_refsource_OSVDB, vdb-entry)
80409 (x_refsource_OSVDB, vdb-entry)
80396 (x_refsource_OSVDB, vdb-entry)
multiple-av-tar-header-evasion(74302) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2012-1459?: CVE-2012-1459 is a vulnerability in Ahnlab V3_internet_security, classified under CWE-264. Published 2012-03-21.
Is CVE-2012-1459 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.