Design/Logic Flaw

2012-03-2110:11:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.973 High

EPSS

Percentile

99.9%

JSON

The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CPENameOperatorVersion
v3_internet_securityeq2011.01.18.00
esafeeq7.0.17.0
command_antiviruseq5.2.11.5
bitdefendereq7.2
quick_healeq11.00
comodo_antiviruseq7424
f-prot_antiviruseq4.6.2.117
f-secure_anti-viruseq9.0.16160.0
scan_engineeq5.400.0.1158
norman_antivirus_\\&_antispywareeq6.06.12

Name	Operator	Version
v3_internet_security	eq	2011.01.18.00
esafe	eq	7.0.17.0
command_antivirus	eq	5.2.11.5
bitdefender	eq	7.2
quick_heal	eq	11.00
comodo_antivirus	eq	7424
f-prot_antivirus	eq	4.6.2.117
f-secure_anti-virus	eq	9.0.16160.0
scan_engine	eq	5.400.0.1158
norman_antivirus_\\&_antispyware	eq	6.06.12

Rows per page:

1-10 of 121

References

osvdb.org/80426

osvdb.org/80433

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52614

exchange.xforce.ibmcloud.com/vulnerabilities/74311