Executive Summary

Informations
Name CVE-2012-1443 First vendor Publication 2012-03-21
Vendor Cve Last vendor Modification 2012-11-06

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1443

CWE : Common Weakness Enumeration

idName
CWE-264Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application1
Application2
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1
Application1

Internal Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/52612
BUGTRAQ http://www.securityfocus.com/archive/1/522005
MISC http://www.ieee-security.org/TC/SP2012/program.html
OSVDB http://osvdb.org/80454
http://osvdb.org/80455
http://osvdb.org/80456
http://osvdb.org/80457
http://osvdb.org/80458
http://osvdb.org/80459
http://osvdb.org/80460
http://osvdb.org/80461
http://osvdb.org/80467
http://osvdb.org/80468
http://osvdb.org/80469
http://osvdb.org/80470
http://osvdb.org/80471
http://osvdb.org/80472

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-10 22:35:44
  • Multiple Updates