CVE-2012-1460

Name of the Vulnerable Software and Affected Versions Antiy Labs AVL SDK version 2.0.3.7 Quick Heal version 11.00 Command Antivirus version 5.2.11.5 eSafe version 7.0.17.0 F-Prot Antivirus version 4.6.2.117 Jiangmin Antivirus version 13.0.900 K7 AntiVirus version 9.77.3565 VBA32 version 3.12.14.2

Description The issue allows remote attackers to bypass malware detection by using a .tar.gz file with stray bytes at the end. This is related to the Gzip file parser in the affected software.

Recommendations For Antiy Labs AVL SDK version 2.0.3.7, update to a version that fixes the Gzip file parser issue. For Quick Heal version 11.00, update to a version that fixes the Gzip file parser issue. For Command Antivirus version 5.2.11.5, update to a version that fixes the Gzip file parser issue. For eSafe version 7.0.17.0, update to a version that fixes the Gzip file parser issue. For F-Prot Antivirus version 4.6.2.117, update to a version that fixes the Gzip file parser issue. For Jiangmin Antivirus version 13.0.900, update to a version that fixes the Gzip file parser issue. For K7 AntiVirus version 9.77.3565, update to a version that fixes the Gzip file parser issue. For VBA32 version 3.12.14.2, update to a version that fixes the Gzip file parser issue.