CVE-2012-1419

Name of the Vulnerable Software and Affected Versions ClamAV version 0.96.4 Quick Heal version 11.00

Description The issue concerns the TAR file parser, which allows remote attackers to bypass malware detection. This is achieved by using a POSIX TAR file that contains an initial [aliases] character sequence.

Recommendations For ClamAV version 0.96.4, update to a newer version that addresses this issue. For Quick Heal version 11.00, update to a newer version that addresses this issue. As a temporary workaround, consider restricting the use of TAR file parsing functionality until a patch is available.