CVE-2020-9362

HIGH

Quickheal Antivirus For Server - Interpretation Conflict

Title source: rule
STIX 2.1

Description

The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.

References (4)

Scores

CVSS v3 7.8
EPSS 0.0021
EPSS Percentile 43.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-436
Status published
Products (6)
quickheal/antivirus_for_server 2019-11
quickheal/antivirus_pro 2019-11
quickheal/home_security 2019-11
quickheal/internet_security 2019-11
quickheal/total_security 2019-11 (3 CPE variants)
quickheal/total_security_multi-device 2019-11
Published Feb 24, 2020
Tracked Since Feb 18, 2026