RAR File Parsing Vulnerabilities in Multiple Antivirus Products
CVE-2012-1443

Currently unrated

Key Information:

Vendor: Bitdefender
Status: Bitdefender; V3 Internet Security; Avast Antivirus; Norman Antivirus \& Antispyware
Vendor: CVE Published:; 21 March 2012

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2012-1443?

A flaw in the RAR file parser across various antivirus products allows remote attackers to exploit the vulnerable software. This vulnerability arises from an improper handling of RAR files containing an initial MZ sequence. Attackers can bypass malware detection mechanisms by crafting specific RAR files, making it essential for users of the affected products to apply security updates and patches promptly to mitigate potential risks.

References

http://osvdb.org/80472

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/archive/1/522005

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/52612

vdb-entryx_refsource_BID

EPSS Score

56% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 21, 2012
Vulnerability Reserved
Feb 29, 2012