CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1424

The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.055

EPSS Ranking 89.7%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2012-1424

Antiy » Avl Sdk » Version: 2.0.3.7

cpe:2.3:a:antiy:avl_sdk:2.0.3.7
Cat » Quick Heal » Version: 11.00

cpe:2.3:a:cat:quick_heal:11.00
Jiangmin » Jiangmin Antivirus » Version: 13.0.900

cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900
Norman » Norman Antivirus & Antispyware » Version: 6.06.12

cpe:2.3:a:norman:norman_antivirus_&_antispyware:6.06.12
Pc Tools » Pc Tools Antivirus » Version: 7.0.3.5

cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5
Sophos » Sophos Anti-Virus » Version: 4.61.0

cpe:2.3:a:sophos:sophos_anti-virus:4.61.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-1424

Products

Pricing

Contact Us