PT-2012-3264 · Fortinet+3 · Fortinet Antivirus+3
Publicado
2012-03-21
·
Atualizado
2012-07-28
·
CVE-2012-1439
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
eSafe version 7.0.17.0
Rising Antivirus version 22.83.00.03
Fortinet Antivirus version 4.2.254.0
Panda Antivirus version 10.0.2.7
Description
The issue allows remote attackers to bypass malware detection. This is achieved through an ELF file with a modified padding field, exploiting a weakness in the ELF file parser.
Recommendations
For eSafe version 7.0.17.0, consider disabling the ELF file parser until a patch is available.
For Rising Antivirus version 22.83.00.03, restrict access to the ELF file parser to minimize the risk of exploitation.
For Fortinet Antivirus version 4.2.254.0, avoid processing ELF files with modified padding fields until the issue is resolved.
For Panda Antivirus version 10.0.2.7, as a temporary workaround, consider restricting the use of the ELF file parser until a fix is provided.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Fortinet Antivirus
Panda Antivirus
Rising Antivirus
Esafe