PT-2012-3244 · Cisco+1 · Clamav+1

Published: 2012-03-21 · Updated: 2012-08-14

CVE-2012-1419

CVSS v2.0: 4.3 (Medium)
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions
ClamAV version 0.96.4
Quick Heal version 11.00

Description
The TAR file parser allows remote attackers to bypass malware detection by using a POSIX TAR file that contains an initial [aliases] character sequence.

Recommendations
For ClamAV version 0.96.4, update to a newer version that addresses this issue.
For Quick Heal version 11.00, update to a newer version that addresses this issue.
As a temporary workaround, consider restricting the use of TAR file parsing functionality until a patch is available.

Related Identifiers
CVE-2012-1419

Affected Products
ClamAV
Quick Heal