Description
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/522005
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80427
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52598
Various Sources x_refsource_misc
http://www.ieee-security.org/TC/SP2012/program.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80428
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80426
Scores
EPSS
0.0284
EPSS Percentile
86.4%
Details
CWE
CWE-264
Status
published
Products (11)
aladdin/esafe
7.0.17.0
antiy/avl_sdk
2.0.3.7
cat/quick_heal
11.00
f-secure/f-secure_anti-virus
9.0.16160.0
fortinet/fortinet_antivirus
4.2.254.0
kaspersky/kaspersky_anti-virus
7.0.0.125
mcafee/gateway
2010.1c
mcafee/scan_engine
5.400.0.1158
pandasecurity/panda_antivirus
10.0.2.7
rising-global/rising_antivirus
22.83.00.03
... and 1 more
Published
Mar 21, 2012
Tracked Since
Feb 18, 2026