CVE-2012-1454

eSafe 7.0.17.0 - Malware Detection Bypass via Modified ELF ei_version Field

Title source: llm
STIX 2.1

Description

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/80432
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/522005
Various Sources x_refsource_misc
http://www.ieee-security.org/TC/SP2012/program.html

Scores

EPSS 0.0014
EPSS Percentile 33.1%

Details

CWE
CWE-264
Status published
Products (6)
aladdin/esafe 7.0.17.0
drweb/dr.web_antivirus 5.0.2.03300
fortinet/fortinet_antivirus 4.2.254.0
mcafee/gateway 2010.1c
pandasecurity/panda_antivirus 10.0.2.7
rising-global/rising_antivirus 22.83.00.03
Published Mar 21, 2012
Tracked Since Feb 18, 2026