Vulnerability Description
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \4a\46\49\46 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cat | Quick Heal | 11.00 |
| Norman | Norman Antivirus \& Antispyware | 6.06.12 |
| Sophos | Sophos Anti-Virus | 4.61.0 |
Related Weaknesses (CWE)
References
- http://osvdb.org/80390
- http://osvdb.org/80409
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
- http://www.securityfocus.com/bid/52579
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74243
- http://osvdb.org/80390
- http://osvdb.org/80409
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
- http://www.securityfocus.com/bid/52579
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74243
FAQ
What is CVE-2012-1428?
CVE-2012-1428 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \4a\...
How severe is CVE-2012-1428?
CVE-2012-1428 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1428?
Check the references section above for vendor advisories and patch information. Affected products include: Cat Quick Heal, Norman Norman Antivirus \& Antispyware, Sophos Sophos Anti-Virus.