PT-2012-3246 · Norman+3 · Norman Antivirus+3
Published
2012-03-21
·
Updated
2012-12-20
·
CVE-2012-1421
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Quick Heal versions 11.00
Norman Antivirus version 6.06.12
Rising Antivirus version 22.83.00.03
Symantec Endpoint Protection version 11
Description
The issue concerns a TAR file parser that allows remote attackers to bypass malware detection. This is achieved by using a POSIX TAR file with an initial MSCF character sequence.
Recommendations
For Quick Heal version 11.00, consider disabling the TAR file parser until a patch is available.
For Norman Antivirus version 6.06.12, restrict access to the TAR file parser to minimize the risk of exploitation.
For Rising Antivirus version 22.83.00.03, avoid using the TAR file parser in situations where malware detection is critical.
For Symantec Endpoint Protection version 11, as a temporary workaround, consider disabling the AVEngine 20101.3.0.103 component until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Norman Antivirus
Quick Heal
Rising Antivirus
Symantec Endpoint Protection