CVE-2012-1462 in Symantec Endpoint Protection AVEngineinfo

Zusammenfassung (Englisch)

The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations.

Reservieren

29.02.2012

Veröffentlichung

21.03.2012

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
4946	Symantec Endpoint Protection AVEngine ZIP erweiterte Rechte	264	Proof-of-Concept	Unavailable	CVE-2012-1462
4945	Sophos Anti-Virus ZIP erweiterte Rechte	264	Proof-of-Concept	Unavailable	CVE-2012-1462
4944	Norman Antivirus ZIP erweiterte Rechte	264	Proof-of-Concept	Unavailable	CVE-2012-1462

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Do you know our Splunk app?

Download it now for free!