CVE-2012-1424

Antiy AVL SDK 2.0.3.7 - Malware Detection Bypass via TAR File Parser

Title source: llm

Description

The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/522005

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/80391

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/80409

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/80392

Various Sources x_refsource_misc

http://www.ieee-security.org/TC/SP2012/program.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/80390

Scores

EPSS 0.0415

EPSS Percentile 88.8%

Details

CWE

CWE-264

Status published

Products (6)

antiy/avl_sdk 2.0.3.7

cat/quick_heal 11.00

jiangmin/jiangmin_antivirus 13.0.900

norman/norman_antivirus_\&_antispyware 6.06.12

pc_tools/pc_tools_antivirus 7.0.3.5

sophos/sophos_anti-virus 4.61.0

Published Mar 21, 2012

Tracked Since Feb 18, 2026