CVE-2012-1429
eSafe 7.0.17.0 - Malware Detection Bypass via ELF File ustar Character Sequence
Title source: llmDescription
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74244
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/522005
Various Sources x_refsource_misc
http://www.ieee-security.org/TC/SP2012/program.html
Scores
EPSS
0.0505
EPSS Percentile
89.9%
Details
CWE
CWE-264
Status
published
Products (9)
aladdin/esafe
7.0.17.0
comodo/comodo_antivirus
7424
emsisoft/anti-malware
5.1.0.1
f-secure/f-secure_anti-virus
9.0.16160.0
ikarus/ikarus_virus_utilities_t3_command_line_scanner
1.1.97.0
mcafee/gateway
2010.1c
mcafee/scan_engine
5.400.0.1158
nprotect/nprotect_antivirus
2011-01-17.01
softwin/bitdefender
7.2
Published
Mar 21, 2012
Tracked Since
Feb 18, 2026