TAR File Parsing Vulnerability in Multiple Antivirus Products
CVE-2012-1459

Currently unrated

Key Information:

Vendor: Bitdefender
Status: Bitdefender; V3 Internet Security; Avast Antivirus; Norman Antivirus \& Antispyware
Vendor: CVE Published:; 21 March 2012

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2012-1459?

A vulnerability exists in the TAR file parser used by several antivirus products, allowing remote attackers to bypass malware detection. The issue arises when a TAR archive entry's length field is incorrectly calculated, which may enable attackers to exploit this flaw and introduce malicious files undetected into a system.

References

http://lists.opensuse.org/opensuse-security-announce/2012...

vendor-advisoryx_refsource_SUSE

http://osvdb.org/80406

vdb-entryx_refsource_OSVDB

http://osvdb.org/80393

vdb-entryx_refsource_OSVDB

EPSS Score

91% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 21, 2012
Vulnerability Reserved
Feb 29, 2012