CVE-2012-1421
Quick Heal 11.00 - Malware Detection Bypass via POSIX TAR File with MSCF Character Sequence
Title source: llmDescription
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MSCF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://www.ieee-security.org/TC/SP2012/program.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/522005
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80409
Scores
EPSS
0.0019
EPSS Percentile
40.6%
Details
CWE
CWE-264
Status
published
Products (4)
cat/quick_heal
11.00
norman/norman_antivirus_\&_antispyware
6.06.12
rising-global/rising_antivirus
22.83.00.03
symantec/endpoint_protection
11.0
Published
Mar 21, 2012
Tracked Since
Feb 18, 2026