CVE-2012-1446
Summary
| CVE | CVE-2012-1446 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-03-21 10:11:00 UTC |
| Updated | 2012-07-28 03:30:00 UTC |
| Description | The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. |
Risk And Classification
Problem Types: CWE-264
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Aladdin | Esafe | 7.0.17.0 | All | All | All |
| Application | Aladdin | Esafe | 7.0.17.0 | All | All | All |
| Application | Antiy | Avl Sdk | 2.0.3.7 | All | All | All |
| Application | Antiy | Avl Sdk | 2.0.3.7 | All | All | All |
| Application | Ca | Etrust Vet Antivirus | 36.1.8511 | All | All | All |
| Application | Ca | Etrust Vet Antivirus | 36.1.8511 | All | All | All |
| Application | Cat | Quick Heal | 11.00 | All | All | All |
| Application | Cat | Quick Heal | 11.00 | All | All | All |
| Application | Fortinet | Fortinet Antivirus | 4.2.254.0 | All | All | All |
| Application | Fortinet | Fortinet Antivirus | 4.2.254.0 | All | All | All |
| Application | Kaspersky | Kaspersky Anti-virus | 7.0.0.125 | All | All | All |
| Application | Kaspersky | Kaspersky Anti-virus | 7.0.0.125 | All | All | All |
| Application | Mcafee | Gateway | 2010.1c | All | All | All |
| Application | Mcafee | Gateway | 2010.1c | All | All | All |
| Application | Mcafee | Scan Engine | 5.400.0.1158 | All | All | All |
| Application | Mcafee | Scan Engine | 5.400.0.1158 | All | All | All |
| Application | Norman | Norman Antivirus Antispyware | 6.06.12 | All | All | All |
| Application | Norman | Norman Antivirus Antispyware | 6.06.12 | All | All | All |
| Application | Norman | Norman Antivirus Antispyware | 6.06.12 | All | All | All |
| Application | Pandasecurity | Panda Antivirus | 10.0.2.7 | All | All | All |
| Application | Pandasecurity | Panda Antivirus | 10.0.2.7 | All | All | All |
| Application | Pc Tools | Pc Tools Antivirus | 7.0.3.5 | All | All | All |
| Application | Pc Tools | Pc Tools Antivirus | 7.0.3.5 | All | All | All |
| Application | Rising-global | Rising Antivirus | 22.83.00.03 | All | All | All |
| Application | Rising-global | Rising Antivirus | 22.83.00.03 | All | All | All |
| Application | Sophos | Sophos Anti-virus | 4.61.0 | All | All | All |
| Application | Sophos | Sophos Anti-virus | 4.61.0 | All | All | All |
| Application | Symantec | Endpoint Protection | 11.0 | All | All | All |
| Application | Symantec | Endpoint Protection | 11.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 80430 | OSVDB | osvdb.org | |
| IEEE Symposium on Security and Privacy 2012 | MISC | www.ieee-security.org | |
| 80426 | OSVDB | osvdb.org | |
| 80428 | OSVDB | osvdb.org | |
| 80431 | OSVDB | osvdb.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Multiple AntiVirus Products CVE-2012-1446 ELF File Scan Evasion Vulnerability | BID | www.securityfocus.com | |
| 80427 | OSVDB | osvdb.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.