Lucene search

MitreCVE-2012-1442

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1442

2012-03-2110:11:48

CWE-264

mitre

web.nvd.nist.gov

cve-2012-1442

elf file

parser

vulnerability

antivirus

quick heal

mcafee

kaspersky

f-secure

sophos

esafe

fortinet

panda

antiy labs

rising antivirus

remote attackers

bypass malware detection

class field

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.974

Percentile

100.0%

JSON

The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Affected configurations

Nvd

Node

aladdinesafeMatch7.0.17.0

antiyavl_sdkMatch2.0.3.7

catquick_healMatch11.00

f-securef-secure_anti-virusMatch9.0.16160.0

fortinetfortinet_antivirusMatch4.2.254.0

kasperskykaspersky_anti-virusMatch7.0.0.125

mcafeegatewayMatch2010.1c

mcafeescan_engineMatch5.400.0.1158

pandasecuritypanda_antivirusMatch10.0.2.7

rising-globalrising_antivirusMatch22.83.00.03

sophossophos_anti-virusMatch4.61.0

VendorProductVersionCPE
aladdinesafe7.0.17.0cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*
antiyavl_sdk2.0.3.7cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*
catquick_heal11.00cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*
f-securef-secure_anti-virus9.0.16160.0cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*
fortinetfortinet_antivirus4.2.254.0cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*
kasperskykaspersky_anti-virus7.0.0.125cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*
mcafeegateway2010.1ccpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*
mcafeescan_engine5.400.0.1158cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*
pandasecuritypanda_antivirus10.0.2.7cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*
rising-globalrising_antivirus22.83.00.03cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
aladdin	esafe	7.0.17.0	cpe:2.3:a:aladdin:esafe:7.0.17.0:::::::*
antiy	avl_sdk	2.0.3.7	cpe:2.3:a:antiy:avl_sdk:2.0.3.7:::::::*
cat	quick_heal	11.00	cpe:2.3:a:cat:quick_heal:11.00:::::::*
f-secure	f-secure_anti-virus	9.0.16160.0	cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:::::::*
fortinet	fortinet_antivirus	4.2.254.0	cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:::::::*
kaspersky	kaspersky_anti-virus	7.0.0.125	cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:::::::*
mcafee	gateway	2010.1c	cpe:2.3:a:mcafee:gateway:2010.1c:::::::*
mcafee	scan_engine	5.400.0.1158	cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:::::::*
pandasecurity	panda_antivirus	10.0.2.7	cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:::::::*
rising-global	rising_antivirus	22.83.00.03	cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:::::::*

Rows per page:

1-10 of 111

References

osvdb.org/80426

osvdb.org/80427

osvdb.org/80428

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52598

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.7

Confidence

Low

EPSS

0.974

Percentile

100.0%

JSON

Related for CVE-2012-1442