CVE-2012-1446
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
El analizador de archivos ELF en Quick Heal (también conocido como Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning 5.400.0.1158, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Norman Antivirus 6.6.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0 .0.125, McAfee gateway (anteriormente Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Antivirus Vet 36.1.8511, Laboratorios Antiy AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, y Panda Antivirus 10.0.2.7 permite a atacantes remotos evitar la detección de malware a través de un archivo ELF con un campo encoding modificado. NOTA: esto más adelante se puede dividir en varios CVEs si la información adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador ELF.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2012-02-29 CVE Reserved
- 2012-03-19 CVE Published
- 2024-08-06 CVE Updated
- 2024-11-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (8)
URL | Tag | Source |
---|---|---|
http://osvdb.org/80426 | Vdb Entry | |
http://osvdb.org/80427 | Vdb Entry | |
http://osvdb.org/80428 | Vdb Entry | |
http://osvdb.org/80430 | Vdb Entry | |
http://osvdb.org/80431 | Vdb Entry | |
http://www.ieee-security.org/TC/SP2012/program.html | X_refsource_misc | |
http://www.securityfocus.com/archive/1/522005 | Mailing List | |
http://www.securityfocus.com/bid/52600 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Aladdin Search vendor "Aladdin" | Esafe Search vendor "Aladdin" for product "Esafe" | 7.0.17.0 Search vendor "Aladdin" for product "Esafe" and version "7.0.17.0" | - |
Affected
| ||||||
Antiy Search vendor "Antiy" | Avl Sdk Search vendor "Antiy" for product "Avl Sdk" | 2.0.3.7 Search vendor "Antiy" for product "Avl Sdk" and version "2.0.3.7" | - |
Affected
| ||||||
Ca Search vendor "Ca" | Etrust Vet Antivirus Search vendor "Ca" for product "Etrust Vet Antivirus" | 36.1.8511 Search vendor "Ca" for product "Etrust Vet Antivirus" and version "36.1.8511" | - |
Affected
| ||||||
Cat Search vendor "Cat" | Quick Heal Search vendor "Cat" for product "Quick Heal" | 11.00 Search vendor "Cat" for product "Quick Heal" and version "11.00" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortinet Antivirus Search vendor "Fortinet" for product "Fortinet Antivirus" | 4.2.254.0 Search vendor "Fortinet" for product "Fortinet Antivirus" and version "4.2.254.0" | - |
Affected
| ||||||
Kaspersky Search vendor "Kaspersky" | Kaspersky Anti-virus Search vendor "Kaspersky" for product "Kaspersky Anti-virus" | 7.0.0.125 Search vendor "Kaspersky" for product "Kaspersky Anti-virus" and version "7.0.0.125" | - |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Gateway Search vendor "Mcafee" for product "Gateway" | 2010.1c Search vendor "Mcafee" for product "Gateway" and version "2010.1c" | - |
Affected
| ||||||
Mcafee Search vendor "Mcafee" | Scan Engine Search vendor "Mcafee" for product "Scan Engine" | 5.400.0.1158 Search vendor "Mcafee" for product "Scan Engine" and version "5.400.0.1158" | - |
Affected
| ||||||
Norman Search vendor "Norman" | Norman Antivirus \& Antispyware Search vendor "Norman" for product "Norman Antivirus \& Antispyware" | 6.06.12 Search vendor "Norman" for product "Norman Antivirus \& Antispyware" and version "6.06.12" | - |
Affected
| ||||||
Pandasecurity Search vendor "Pandasecurity" | Panda Antivirus Search vendor "Pandasecurity" for product "Panda Antivirus" | 10.0.2.7 Search vendor "Pandasecurity" for product "Panda Antivirus" and version "10.0.2.7" | - |
Affected
| ||||||
Pc Tools Search vendor "Pc Tools" | Pc Tools Antivirus Search vendor "Pc Tools" for product "Pc Tools Antivirus" | 7.0.3.5 Search vendor "Pc Tools" for product "Pc Tools Antivirus" and version "7.0.3.5" | - |
Affected
| ||||||
Rising-global Search vendor "Rising-global" | Rising Antivirus Search vendor "Rising-global" for product "Rising Antivirus" | 22.83.00.03 Search vendor "Rising-global" for product "Rising Antivirus" and version "22.83.00.03" | - |
Affected
| ||||||
Sophos Search vendor "Sophos" | Sophos Anti-virus Search vendor "Sophos" for product "Sophos Anti-virus" | 4.61.0 Search vendor "Sophos" for product "Sophos Anti-virus" and version "4.61.0" | - |
Affected
| ||||||
Symantec Search vendor "Symantec" | Endpoint Protection Search vendor "Symantec" for product "Endpoint Protection" | 11.0 Search vendor "Symantec" for product "Endpoint Protection" and version "11.0" | - |
Affected
|