Vulnerability in TAR File Parser for ClamAV and Quick Heal Products
CVE-2012-1419

Currently unrated

Key Information:

Vendor: Clamav
Status: Clamav; Quick Heal
Vendor: CVE Published:; 21 March 2012

What is CVE-2012-1419?

The TAR file parser in ClamAV versions 0.96.4 and Quick Heal 11.00 is susceptible to a vulnerability that permits remote attackers to circumvent malware detection. By utilizing a specially crafted POSIX TAR file containing an initial '[aliases]' character sequence, attackers can exploit this weakness to evade detection systems, potentially allowing malicious files to remain undetected on affected systems. Security best practices recommend patching and updating to mitigate this threat and ensure robust protection against such evasion tactics.

References

http://www.securityfocus.com/archive/1/522005

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/52572

vdb-entryx_refsource_BID

http://osvdb.org/80409

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Mar 21, 2012
Vulnerability Reserved
Feb 29, 2012

Clamav

What is CVE-2012-1419?

References

Timeline