Multiple AntiVirus Products CVE-2012-1448 CAB File Scan Evasion Vulnerability
BID:52603
Info
Multiple AntiVirus Products CVE-2012-1448 CAB File Scan Evasion Vulnerability
| Bugtraq ID: | 52603 |
| Class: | Design Error |
| CVE: |
CVE-2012-1448 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 20 2012 12:00AM |
| Updated: | Mar 20 2012 12:00AM |
| Credit: | Suman Jana and Vitaly Shmatikov |
| Vulnerable: |
Panda Antivirus 10.0.2 7 DrWeb Antivirus 5.0.2 03300 |
| Not Vulnerable: | |
Discussion
Multiple AntiVirus Products CVE-2012-1448 CAB File Scan Evasion Vulnerability
Multiple Antivirus products are prone to a vulnerability that may allow an attacker to bypass on-demand scans.
Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection.
The following products are affected:
DrWeb Antivirus 5.0.2.03300
Panda Antivirus 10.0.2.7
Multiple Antivirus products are prone to a vulnerability that may allow an attacker to bypass on-demand scans.
Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection.
The following products are affected:
DrWeb Antivirus 5.0.2.03300
Panda Antivirus 10.0.2.7
Exploit / POC
Multiple AntiVirus Products CVE-2012-1448 CAB File Scan Evasion Vulnerability
Attackers can use standard, readily available tools to exploit this issue.
Attackers can use standard, readily available tools to exploit this issue.
Solution / Fix
Multiple AntiVirus Products CVE-2012-1448 CAB File Scan Evasion Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Multiple AntiVirus Products CVE-2012-1448 CAB File Scan Evasion Vulnerability
References:
References:
- DrWeb Homepage (DrWeb)
- Panda Homepage (Panda)
- Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (Suman Jana)