Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability

BID:51861

Info

Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability

Bugtraq ID: 51861
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: Feb 03 2012 12:00AM
Updated: Feb 03 2012 12:00AM
Credit: Michel '[email protected]'
Vulnerable: VirusBuster Internet Security Suite 3.2
VirusBuster Command-line Antivirus 1.5.6
VirusBlokAda Vba32 Personal 3.12.8
VirusBlokAda Vba32 Personal 3.12.2
VirusBlokAda Vba32 Personal 3.12.12.4
VirusBlokAda VBA32
Sophos Anti-Virus 3.96 .0
Sophos Anti-Virus 3.95
Sophos Anti-Virus 3.91
Sophos Anti-Virus 3.90
Sophos Anti-Virus 3.86
Sophos Anti-Virus 3.85
Sophos Anti-Virus 3.84
Sophos Anti-Virus 3.83
Sophos Anti-Virus 3.82
Sophos Anti-Virus 3.81
Softwin BitDefender Online Scanner
Quick Heal Technologies AntiVirus 2008 9.50
Quick Heal Technologies Antivirus 11.00
Panda Antivirus 0
Kaspersky Labs Anti-Virus 0
Ikarus virus utilities 0
Frisk Software F-Prot Antivirus 6.2.1 .4252
Frisk Software F-Prot Antivirus 6.0.9 .0
Frisk Software F-Prot Antivirus 6.0.1
Frisk Software F-Prot Antivirus 4.6.7
Frisk Software F-Prot Antivirus 4.6.6
Frisk Software F-Prot Antivirus 3.16 c
Frisk Software F-Prot Antivirus 4.6.1.107
Frisk Software F-Prot Antivirus 3.16f
AVIRA AntiVir Engine 7.4 .24
AVIRA AntiVir Engine 8.2.0.180
AVIRA AntiVir Engine 7.9.0.180
AVIRA AntiVir Engine 10.0.0.567
AVIRA AntiVir Engine 0
AVG AVG Anti-Virus Free Edition 7.5.446
AVG AVG Anti-Virus for Linux 7.5.51
AVG AVG Anti-Virus 8.0.156
AVG AVG Anti-Virus 8.0
AVG AVG Anti-Virus 7.5.476
AVG AVG Anti-Virus 7.5.448
AVG AVG Anti-Virus 7.1.407
AVG AVG Anti-Virus 7.1.308
AVG AVG Anti-Virus 7.0.323
AVG AVG Anti-Virus 7.0.251
AVG AVG Anti-Virus 7.0
AVG AVG Anti-Virus 6.0.710
AVG AVG Anti-Virus 8.5 323
AVG AVG Anti-Virus 0
Avast! Antivirus Professional Edition 5.0.418
Avast! Antivirus Professional Edition 4.8.1356
Avast! Antivirus Professional Edition 4.8.1351
Avast! Antivirus Professional Edition 4.8.1335
Avast! Antivirus Professional Edition 4.8.1169
Avast! Antivirus Professional Edition 4.7.1098
Avast! Antivirus Professional Edition 4.7.1043
Avast! Antivirus Professional Edition 4.7.844
Avast! Antivirus Professional Edition 4.7.827
Avast! Antivirus Professional Edition 4.6.691
Avast! Antivirus Professional Edition 4.6.665
Avast! Antivirus Professional Edition 4.6.652
Avast! Antivirus Professional Edition 4.6.603
Avast! Antivirus Professional Edition 4.6
Avast! Antivirus Professional Edition 4.0
Not Vulnerable:

Discussion

Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability

Multiple antivirus products are prone prone to a vulnerability that may allow an attacker to bypass on-demand scans.

Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection.

The following products are affected:

Frisk F-Prot Antivirus
Avast! antivirus
G DATA
Ikarus
Softwin BitDefender
Kaspersky Anti-Virus
ClamAV
Panda Antivirus
CPsecure
Quick Heal
Dr.Web
Sophos
emsisoft Anti-Malware
VirusBlokAda VBA32
ESET
VirusBuster

Exploit / POC

Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability

Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Multiple AntiVirus Products '.kz' Scan Evasion Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report