Details of VAR-201203-0144

ID

VAR-201203-0144

CVE

CVE-2012-1459

TITLE

Multiple products TAR Vulnerability that prevents file parsers from detecting malware

Trust: 0.8

sources: JVNDB: JVNDB-2012-001869

DESCRIPTION

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, Panda Antivirus 10.0.2.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Multiple products TAR A file parser contains a vulnerability that can prevent malware detection. Different TAR Parser If it is announced that there is also a problem with the implementation of CVE May be split.Corresponding to the length field of the full entry and part of the header of the next entry by a third party TAR Malware detection may be bypassed through archive entries. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bit2defender 7. ============================================================================ Ubuntu Security Notice USN-1482-2 June 20, 2012 clamav regression ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS - Ubuntu 11.10 - Ubuntu 11.04 Summary: ClamAV could improperly detect malware if it opened a specially crafted file. Software Description: - clamav: Anti-virus utility for Unix Details: USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that ClamAV incorrectly handled certain malformed TAR archives. (CVE-2012-1457, CVE-2012-1459) It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. (CVE-2012-1458) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: clamav 0.97.5+dfsg-1ubuntu0.12.04.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.12.04.2 libclamav6 0.97.5+dfsg-1ubuntu0.12.04.2 Ubuntu 11.10: clamav 0.97.5+dfsg-1ubuntu0.11.10.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.10.2 libclamav6 0.97.5+dfsg-1ubuntu0.11.10.2 Ubuntu 11.04: clamav 0.97.5+dfsg-1ubuntu0.11.04.2 clamav-daemon 0.97.5+dfsg-1ubuntu0.11.04.2 libclamav6 0.97.5+dfsg-1ubuntu0.11.04.2 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1482-2 http://www.ubuntu.com/usn/usn-1482-1 https://launchpad.net/bugs/1015337 Package Information: https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2 https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2012:094 http://www.mandriva.com/security/ _______________________________________________________________________ Package : clamav Date : June 18, 2012 Affected: Enterprise Server 5.0 _______________________________________________________________________ Problem Description: This is a bugfix release that upgrades clamav to the latest version (0.97.5) that resolves the following security issues: The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1459 http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.5 _______________________________________________________________________ Updated Packages: Mandriva Enterprise Server 5: d82d78601290e2f6073974170c81841a mes5/i586/clamav-0.97.5-0.1mdvmes5.2.i586.rpm 80f0475472c0217afd3727019bf27e53 mes5/i586/clamav-db-0.97.5-0.1mdvmes5.2.i586.rpm c13835eadea8d2af15b628fba3159e8b mes5/i586/clamav-milter-0.97.5-0.1mdvmes5.2.i586.rpm d7c058fae32f1a081b1d4ca31157df0e mes5/i586/clamd-0.97.5-0.1mdvmes5.2.i586.rpm 5ad153709c7eb510c2be2e82bfa5ac52 mes5/i586/libclamav6-0.97.5-0.1mdvmes5.2.i586.rpm 96e3d3f3e9bea802c4109c155c9d1465 mes5/i586/libclamav-devel-0.97.5-0.1mdvmes5.2.i586.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm Mandriva Enterprise Server 5/X86_64: b30f5aafd9aaff0a7743fb62f33ccbea mes5/x86_64/clamav-0.97.5-0.1mdvmes5.2.x86_64.rpm 1508801239427c0ac72734f52cb4451c mes5/x86_64/clamav-db-0.97.5-0.1mdvmes5.2.x86_64.rpm 92b4c5ca6db656801b5b6ae217c6e171 mes5/x86_64/clamav-milter-0.97.5-0.1mdvmes5.2.x86_64.rpm 94fad12df2cc900309087bbda13c826a mes5/x86_64/clamd-0.97.5-0.1mdvmes5.2.x86_64.rpm 8ec166a457d0512479adaaf5f80d487f mes5/x86_64/lib64clamav6-0.97.5-0.1mdvmes5.2.x86_64.rpm 19bc2758175bcde28ebf7783d68a9b98 mes5/x86_64/lib64clamav-devel-0.97.5-0.1mdvmes5.2.x86_64.rpm 203cde43731b63729d1f7f6497033184 mes5/SRPMS/clamav-0.97.5-0.1mdvmes5.2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iD8DBQFP3tnKmqjQ0CJFipgRAj4wAJ9eURS1mZYCZhkmUTVE/U8QAH47MwCgxQzf OUr1QL5Wsvt3KboLKCdYUhE= =1QL7 -----END PGP SIGNATURE-----

Trust: 2.34

sources: NVD: CVE-2012-1459 // JVNDB: JVNDB-2012-001869 // BID: 52623 // VULHUB: VHN-54740 // PACKETSTORM: 115619 // PACKETSTORM: 113895 // PACKETSTORM: 113878 // PACKETSTORM: 113841

AFFECTED PRODUCTS

vendor:	virusbuster	model:	virusbuster	scope:	eq	version:	13.6.151.0	Trust: 2.4
vendor:	comodo	model:	antivirus	scope:	eq	version:	7424	Trust: 2.1
vendor:	antiy	model:	avl sdk	scope:	eq	version:	2.0.3.7	Trust: 1.8
vendor:	authentium	model:	command antivirus	scope:	eq	version:	5.2.11.5	Trust: 1.8
vendor:	avg	model:	anti-virus	scope:	eq	version:	10.0.0.1190	Trust: 1.8
vendor:	bitdefender	model:	bitdefender	scope:	eq	version:	7.2	Trust: 1.8
vendor:	clamav	model:	clamav	scope:	eq	version:	0.96.4	Trust: 1.8
vendor:	emsisoft	model:	anti-malware	scope:	eq	version:	5.1.0.1	Trust: 1.8
vendor:	ikarus	model:	virus utilities t3 command line scanner	scope:	eq	version:	1.1.97.0	Trust: 1.8
vendor:	jiangmin	model:	antivirus	scope:	eq	version:	13.0.900	Trust: 1.8
vendor:	pc tools	model:	antivirus	scope:	eq	version:	7.0.3.5	Trust: 1.8
vendor:	f secure	model:	f-secure anti-virus	scope:	eq	version:	9.0.16160.0	Trust: 1.8
vendor:	kaspersky	model:	anti-virus	scope:	eq	version:	7.0.0.125	Trust: 1.8
vendor:	sophos	model:	anti-virus	scope:	eq	version:	4.61.0	Trust: 1.8
vendor:	fortinet	model:	antivirus	scope:	eq	version:	4.2.254.0	Trust: 1.8
vendor:	mcafee	model:	scan engine	scope:	eq	version:	5.400.0.1158	Trust: 1.8
vendor:	alwil	model:	avast antivirus	scope:	eq	version:	5.0.677.0	Trust: 1.0
vendor:	alwil	model:	avast antivirus	scope:	eq	version:	4.8.1351.0	Trust: 1.0
vendor:	ahnlab	model:	v3 internet security	scope:	eq	version:	2011.01.18.00	Trust: 1.0
vendor:	trendmicro	model:	trend micro antivirus	scope:	eq	version:	9.120.0.1004	Trust: 1.0
vendor:	gdata	model:	g data antivirus	scope:	eq	version:	21	Trust: 1.0
vendor:	rising global	model:	antivirus	scope:	eq	version:	22.83.00.03	Trust: 1.0
vendor:	microsoft	model:	security essentials	scope:	eq	version:	2.0	Trust: 1.0
vendor:	k7computing	model:	antivirus	scope:	eq	version:	9.77.3565	Trust: 1.0
vendor:	eset	model:	nod32 antivirus	scope:	eq	version:	5795	Trust: 1.0
vendor:	anti virus	model:	vba32	scope:	eq	version:	3.12.14.2	Trust: 1.0
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0	Trust: 1.0
vendor:	nprotect	model:	antivirus	scope:	eq	version:	2011-01-17.01	Trust: 1.0
vendor:	pandasecurity	model:	panda antivirus	scope:	eq	version:	10.0.2.7	Trust: 1.0
vendor:	mcafee	model:	gateway	scope:	eq	version:	2010.1c	Trust: 1.0
vendor:	norman	model:	antivirus \& antispyware	scope:	eq	version:	6.06.12	Trust: 1.0
vendor:	trendmicro	model:	housecall	scope:	eq	version:	9.120.0.1004	Trust: 1.0
vendor:	cat	model:	quick heal	scope:	eq	version:	11.00	Trust: 1.0
vendor:	f prot	model:	f-prot antivirus	scope:	eq	version:	4.6.2.117	Trust: 1.0
vendor:	avira	model:	antivir	scope:	eq	version:	7.11.1.163	Trust: 1.0
vendor:	avast s r o	model:	anti-virus	scope:	eq	version:	4.8.1351.0	Trust: 0.8
vendor:	avast s r o	model:	anti-virus	scope:	eq	version:	5.0.677.0	Trust: 0.8
vendor:	avira	model:	antivirus	scope:	eq	version:	7.11.1.163	Trust: 0.8
vendor:	rising	model:	antivirus	scope:	eq	version:	22.83.00.03	Trust: 0.8
vendor:	eset	model:	nod32 anti-virus	scope:	eq	version:	5795	Trust: 0.8
vendor:	frisk	model:	f-prot antivirus	scope:	eq	version:	4.6.2.117	Trust: 0.8
vendor:	g data	model:	antivirus	scope:	eq	version:	21	Trust: 0.8
vendor:	k7 computing	model:	antivirus	scope:	eq	version:	9.77.3565	Trust: 0.8
vendor:	norman	model:	antivirus	scope:	eq	version:	6.06.12	Trust: 0.8
vendor:	nprotect	model:	anti-virus	scope:	eq	version:	2011-01-17.01	Trust: 0.8
vendor:	panda security	model:	antivirus	scope:	eq	version:	10.0.2.7	Trust: 0.8
vendor:	virusblokada	model:	vba32	scope:	eq	version:	3.12.14.2	Trust: 0.8
vendor:	unlab	model:	v3 internet security	scope:	eq	version:	2011.01.18.00	Trust: 0.8
vendor:	quick heal k k	model:	heal	scope:	eq	version:	11.00	Trust: 0.8
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11	Trust: 0.8
vendor:	trend micro	model:	antivirus	scope:	eq	version:	9.120.0.1004	Trust: 0.8
vendor:	trend micro	model:	housecall	scope:	eq	version:	9.120.0.1004	Trust: 0.8
vendor:	microsoft	model:	security essentials	scope:	eq	version:	2.0 antimalware engine 1.1.6402.0	Trust: 0.8
vendor:	mcafee	model:	web gateway software	scope:	eq	version:	2010.1c	Trust: 0.8
vendor:	virusblokada	model:	vba32	scope:	eq	version:	3.12.142	Trust: 0.3
vendor:	ubuntu	model:	linux lts i386	scope:	eq	version:	12.04	Trust: 0.3
vendor:	ubuntu	model:	linux lts amd64	scope:	eq	version:	12.04	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.10	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.10	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	11.04	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	11.04	Trust: 0.3
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	11.04	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	11.04	Trust: 0.3
vendor:	ubuntu	model:	linux sparc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux powerpc	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux i386	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux arm	scope:	eq	version:	10.04	Trust: 0.3
vendor:	ubuntu	model:	linux amd64	scope:	eq	version:	10.04	Trust: 0.3
vendor:	trend micro	model:	virusbuster	scope:	eq	version:	13.6.1510	Trust: 0.3
vendor:	trend micro	model:	trend micro	scope:	eq	version:	9.1201004	Trust: 0.3
vendor:	trend micro	model:	housecall	scope:	eq	version:	9.1201004	Trust: 0.3
vendor:	symantec	model:	antivirus	scope:	eq	version:	20101.3103	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	12.1	Trust: 0.3
vendor:	s u s e	model:	opensuse	scope:	eq	version:	11.4	Trust: 0.3
vendor:	rising	model:	antivirus	scope:	eq	version:	22.8303	Trust: 0.3
vendor:	quick heal	model:	cat-quickheal	scope:	eq	version:	11.00	Trust: 0.3
vendor:	pctools	model:	antivirus	scope:	eq	version:	7.0.35	Trust: 0.3
vendor:	norman	model:	antivirus	scope:	eq	version:	6.6.12	Trust: 0.3
vendor:	microsoft	model:	antivirus	scope:	eq	version:	1.6402	Trust: 0.3
vendor:	mcafee	model:	mcafee-gw-edition 2010.1c	scope:	-	version:	-	Trust: 0.3
vendor:	mandrakesoft	model:	enterprise server x86 64	scope:	eq	version:	5	Trust: 0.3
vendor:	mandrakesoft	model:	enterprise server	scope:	eq	version:	5	Trust: 0.3
vendor:	kaspersky	model:	antivirus	scope:	eq	version:	7.0125	Trust: 0.3
vendor:	k7	model:	computing pvt ltd k7antivirus	scope:	eq	version:	9.77.3565	Trust: 0.3
vendor:	jiangmin	model:	jiangmin	scope:	eq	version:	13.0.900	Trust: 0.3
vendor:	ikarus	model:	antivirus t3.1.1.97.0	scope:	-	version:	-	Trust: 0.3
vendor:	g	model:	data software gdata	scope:	eq	version:	21	Trust: 0.3
vendor:	frisk	model:	software f-prot antivirus	scope:	eq	version:	4.6.2117	Trust: 0.3
vendor:	eset	model:	nod32	scope:	eq	version:	5795	Trust: 0.3
vendor:	emsisoft	model:	antivirus	scope:	eq	version:	5.11	Trust: 0.3
vendor:	clam	model:	anti-virus clamav	scope:	eq	version:	0.96.4	Trust: 0.3
vendor:	bitdefender	model:	antivirus	scope:	eq	version:	7.2	Trust: 0.3
vendor:	avira	model:	antivir engine	scope:	eq	version:	7.11.1163	Trust: 0.3
vendor:	avg	model:	anti-virus	scope:	eq	version:	10.01190	Trust: 0.3
vendor:	avast	model:	avast5 antivirus	scope:	eq	version:	5.0.6770	Trust: 0.3
vendor:	avast	model:	antivirus	scope:	eq	version:	4.8.1351.0	Trust: 0.3
vendor:	authentium	model:	command antivirus	scope:	eq	version:	5.2.115	Trust: 0.3
vendor:	antiy	model:	antiy-avl	scope:	eq	version:	2.0.37	Trust: 0.3
vendor:	ahnlab	model:	engine	scope:	eq	version:	v32011.01.18.00	Trust: 0.3

sources: BID: 52623 // JVNDB: JVNDB-2012-001869 // CNNVD: CNNVD-201203-422 // NVD: CVE-2012-1459

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-1459
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2012-1459
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201203-422
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-54740
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2012-1459
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-54740
severity:	MEDIUM
baseScore:	4.3
vectorString:	AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	8.6
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-54740 // JVNDB: JVNDB-2012-001869 // CNNVD: CNNVD-201203-422 // NVD: CVE-2012-1459

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-54740 // JVNDB: JVNDB-2012-001869 // NVD: CVE-2012-1459

THREAT TYPE

remote

Trust: 1.0

sources: PACKETSTORM: 115619 // PACKETSTORM: 113895 // PACKETSTORM: 113878 // PACKETSTORM: 113841 // CNNVD: CNNVD-201203-422

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201203-422

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-001869

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-54740

PATCH

title:	AVL SDK	url:	http://www.antiy.net/	Trust: 0.8
title:	Command Antivirus	url:	http://www.authentium.com/command/CSAVDownload.html	Trust: 0.8
title:	avast! Antivirus	url:	https://www.avast.co.jp/index	Trust: 0.8
title:	AVG Anti-Virus	url:	http://www.avgjapan.com/home-small-office-security/buy-antivirus	Trust: 0.8
title:	AntiVir	url:	http://www.avira.com/	Trust: 0.8
title:	Rising Antivirus	url:	http://www.rising-global.com/	Trust: 0.8
title:	Bitdefender	url:	http://www.bitdefender.com/	Trust: 0.8
title:	ClamAV	url:	http://www.clamav.net/lang/en/	Trust: 0.8
title:	Comodo Antivirus	url:	http://www.comodo.com/home/internet-security/antivirus.php	Trust: 0.8
title:	Emsisoft Anti-Malware	url:	http://www.emsisoft.com/en/software/antimalware/	Trust: 0.8
title:	ESET NOD32アンチウイルス	url:	http://www.eset.com/us/	Trust: 0.8
title:	Fortinet Antivirus	url:	http://www.fortinet.com/solutions/antivirus.html	Trust: 0.8
title:	F-Prot Antivirus	url:	http://www.f-prot.com/index.html	Trust: 0.8
title:	G Data AntiVirus	url:	http://www.gdata.co.jp/	Trust: 0.8
title:	Top Page	url:	http://www.ikarus.at/en/	Trust: 0.8
title:	Jiangmin Antivirus	url:	http://global.jiangmin.com/	Trust: 0.8
title:	K7 AntiVirus	url:	http://www.k7computing.com/en/consumer_home.php	Trust: 0.8
title:	McAfee Web Gateway	url:	http://www.mcafee.com/us/products/web-gateway.aspx	Trust: 0.8
title:	McAfee Scan Engine	url:	http://www.mcafee.com/us/support/support-eol-scan-engine.aspx	Trust: 0.8
title:	Norman Antivirus	url:	http://www.norman.com/products/antivirus_antispyware/en	Trust: 0.8
title:	nProtect Anti-Virus	url:	http://global.nprotect.com/product/avs.php	Trust: 0.8
title:	openSUSE-SU-2012:0833	url:	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html	Trust: 0.8
title:	Panda Antivirus	url:	http://www.ps-japan.co.jp/	Trust: 0.8
title:	PC Tools AntiVirus	url:	http://www.pctools.com/jp/spyware-doctor-antivirus/	Trust: 0.8
title:	Quick Heal	url:	http://www.quickheal.com/	Trust: 0.8
title:	Sophos Anti-Virus	url:	http://www.sophos.com/ja-jp/	Trust: 0.8
title:	Endpoint Protection	url:	http://www.symantec.com/ja/jp/endpoint-protection	Trust: 0.8
title:	Top Page	url:	http://jp.trendmicro.com/jp/home/index.html	Trust: 0.8
title:	Trend Micro HouseCall	url:	http://jp.trendmicro.com/jp/tools/housecall/index.html	Trust: 0.8
title:	VBA32	url:	http://anti-virus.by/en/index.shtml	Trust: 0.8
title:	VirusBuster	url:	http://www.virusbuster.hu/en	Trust: 0.8
title:	V3 Internet Security	url:	http://www.ahnlab.co.jp/product_service/product/b2b/v3is8.asp	Trust: 0.8
title:	Kaspersky Anti-Virus	url:	http://www.kaspersky.com/kaspersky_anti-virus	Trust: 0.8
title:	Microsoft Security Essentials	url:	http://windows.microsoft.com/ja-JP/windows/products/security-essentials	Trust: 0.8
title:	F-Secure Anti-Virus	url:	http://www.f-secure.com/ja/web/home_jp/protection/anti-virus/overview	Trust: 0.8

sources: JVNDB: JVNDB-2012-001869

EXTERNAL IDS

db:	NVD	id:	CVE-2012-1459	Trust: 3.2
db:	BID	id:	52623	Trust: 1.4
db:	OSVDB	id:	80396	Trust: 1.1
db:	OSVDB	id:	80389	Trust: 1.1
db:	OSVDB	id:	80391	Trust: 1.1
db:	OSVDB	id:	80403	Trust: 1.1
db:	OSVDB	id:	80395	Trust: 1.1
db:	OSVDB	id:	80390	Trust: 1.1
db:	OSVDB	id:	80392	Trust: 1.1
db:	OSVDB	id:	80393	Trust: 1.1
db:	OSVDB	id:	80409	Trust: 1.1
db:	OSVDB	id:	80406	Trust: 1.1
db:	OSVDB	id:	80407	Trust: 1.1
db:	JVNDB	id:	JVNDB-2012-001869	Trust: 0.8
db:	BUGTRAQ	id:	20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS	Trust: 0.6
db:	NSFOCUS	id:	19231	Trust: 0.6
db:	CNNVD	id:	CNNVD-201203-422	Trust: 0.6
db:	PACKETSTORM	id:	113878	Trust: 0.2
db:	PACKETSTORM	id:	115619	Trust: 0.2
db:	PACKETSTORM	id:	113895	Trust: 0.2
db:	VULHUB	id:	VHN-54740	Trust: 0.1
db:	PACKETSTORM	id:	113841	Trust: 0.1

sources: VULHUB: VHN-54740 // BID: 52623 // JVNDB: JVNDB-2012-001869 // PACKETSTORM: 115619 // PACKETSTORM: 113895 // PACKETSTORM: 113878 // PACKETSTORM: 113841 // CNNVD: CNNVD-201203-422 // NVD: CVE-2012-1459

REFERENCES

url:	http://www.securityfocus.com/archive/1/522005	Trust: 1.7
url:	http://www.ieee-security.org/tc/sp2012/program.html	Trust: 1.7
url:	http://www.securityfocus.com/bid/52623	Trust: 1.1
url:	http://www.mandriva.com/security/advisories?name=mdvsa-2012:094	Trust: 1.1
url:	http://osvdb.org/80389	Trust: 1.1
url:	http://osvdb.org/80390	Trust: 1.1
url:	http://osvdb.org/80391	Trust: 1.1
url:	http://osvdb.org/80392	Trust: 1.1
url:	http://osvdb.org/80393	Trust: 1.1
url:	http://osvdb.org/80395	Trust: 1.1
url:	http://osvdb.org/80396	Trust: 1.1
url:	http://osvdb.org/80403	Trust: 1.1
url:	http://osvdb.org/80406	Trust: 1.1
url:	http://osvdb.org/80407	Trust: 1.1
url:	http://osvdb.org/80409	Trust: 1.1
url:	http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/74302	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1459	Trust: 0.9
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1459	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/19231	Trust: 0.6
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1459	Trust: 0.4
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1458	Trust: 0.4
url:	http://www.antiy.net	Trust: 0.3
url:	http://www.authentium.com	Trust: 0.3
url:	http://www.avast.com	Trust: 0.3
url:	http://www.avg.com	Trust: 0.3
url:	http://www.avira.com/	Trust: 0.3
url:	http://www.bitdefender.com	Trust: 0.3
url:	http://www.emsisoft.com/en/software/antimalware/	Trust: 0.3
url:	http://eset.com	Trust: 0.3
url:	http://www.f-prot.com/	Trust: 0.3
url:	http://www.gdatasoftware.com	Trust: 0.3
url:	http://www.ikarus.at	Trust: 0.3
url:	http://global.jiangmin.com/	Trust: 0.3
url:	http://www.k7computing.com/en/product/k7-antivirusplus.php	Trust: 0.3
url:	http://www.kaspersky.com/	Trust: 0.3
url:	http://www.mcafee.com/	Trust: 0.3
url:	http://www.microsoft.com	Trust: 0.3
url:	http://anti-virus-software-review.toptenreviews.com/norman-review.html	Trust: 0.3
url:	http://www.pctools.com/spyware-doctor-antivirus/	Trust: 0.3
url:	http://www.quickheal.com/	Trust: 0.3
url:	http://www.rising-global.com/	Trust: 0.3
url:	http://www.symantec.com	Trust: 0.3
url:	http://www.trend.com	Trust: 0.3
url:	http://anti-virus.by/en/index.shtml	Trust: 0.3
url:	/archive/1/522005	Trust: 0.3
url:	http://www.ubuntu.com/usn/usn-1482-1	Trust: 0.3
url:	https://nvd.nist.gov/vuln/detail/cve-2012-1457	Trust: 0.2
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.3	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-1482-3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.3	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.3	Trust: 0.1
url:	https://launchpad.net/bugs/1015405	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.2	Trust: 0.1
url:	https://launchpad.net/bugs/1015337	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.2	Trust: 0.1
url:	http://www.ubuntu.com/usn/usn-1482-2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.2	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.96.5+dfsg-1ubuntu1.10.04.4	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.10.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.12.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.97.5+dfsg-1ubuntu0.11.04.1	Trust: 0.1
url:	http://www.mandriva.com/security/	Trust: 0.1
url:	http://www.mandriva.com/security/advisories	Trust: 0.1
url:	http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=changelog;hb=clamav-0.97.5	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1457	Trust: 0.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1458	Trust: 0.1

CREDITS

Suman Jana and Vitaly Shmatikov

Trust: 0.3

sources: BID: 52623

SOURCES

db:	VULHUB	id:	VHN-54740
db:	BID	id:	52623
db:	JVNDB	id:	JVNDB-2012-001869
db:	PACKETSTORM	id:	115619
db:	PACKETSTORM	id:	113895
db:	PACKETSTORM	id:	113878
db:	PACKETSTORM	id:	113841
db:	CNNVD	id:	CNNVD-201203-422
db:	NVD	id:	CVE-2012-1459

LAST UPDATE DATE

2024-11-23T21:46:27.813000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-54740	date:	2018-01-18T00:00:00
db:	BID	id:	52623	date:	2015-04-13T22:00:00
db:	JVNDB	id:	JVNDB-2012-001869	date:	2012-07-25T00:00:00
db:	CNNVD	id:	CNNVD-201203-422	date:	2012-04-01T00:00:00
db:	NVD	id:	CVE-2012-1459	date:	2024-11-21T01:37:02.073

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-54740	date:	2012-03-21T00:00:00
db:	BID	id:	52623	date:	2012-03-20T00:00:00
db:	JVNDB	id:	JVNDB-2012-001869	date:	2012-03-23T00:00:00
db:	PACKETSTORM	id:	115619	date:	2012-08-17T02:36:21
db:	PACKETSTORM	id:	113895	date:	2012-06-20T03:33:06
db:	PACKETSTORM	id:	113878	date:	2012-06-20T02:54:11
db:	PACKETSTORM	id:	113841	date:	2012-06-19T00:56:02
db:	CNNVD	id:	CNNVD-201203-422	date:	2012-03-26T00:00:00
db:	NVD	id:	CVE-2012-1459	date:	2012-03-21T10:11:49.597