Vulnerability in Aladdin Esafe
CVE-2012-1460
The Gzip file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, and VBA32 3.12.14.2 allo…
EPSS: 0.006 (69.1th percentile)
Affected products
- Aladdin Esafe — versions 7.0.17.0
- Anti-virus Vba32 — versions 3.12.14.2
- Antiy Avl_sdk — versions 2.0.3.7
- Authentium Command_antivirus — versions 5.2.11.5
- Cat Quick_heal — versions 11.00
- F-prot F-prot_antivirus — versions 4.6.2.117
- Jiangmin Jiangmin_antivirus — versions 13.0.900
- K7computing Antivirus — versions 9.77.3565
Weakness classification (CWE)
References
- 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (mailing-list, x_refsource_BUGTRAQ)
- 52629 (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_MISC)
- multiple-av-tar-gzip-evasion(74308) (vdb-entry, x_refsource_XF)