Gzip File Parser Vulnerability in Multiple Antivirus Products
CVE-2012-1461

Currently unrated

Key Information:

Vendor: Bitdefender
Status: Bitdefender; Norman Antivirus \& Antispyware; Rising Antivirus; Vba32
Vendor: CVE Published:; 21 March 2012

🔔 Create Bitdefender Vulnerability Alert

What is CVE-2012-1461?

Certain antivirus products are vulnerable to a file parsing issue within the Gzip file parser, which allows remote attackers to bypass malware detection mechanisms. This flaw can be exploited by crafting a specially formatted .tar.gz file containing multiple compressed streams. As a result, malicious files may evade detection and compromise the security posture of affected systems.

References

http://osvdb.org/80502

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/52626

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/522005

mailing-listx_refsource_BUGTRAQ

EPSS Score

82% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 21, 2012
Vulnerability Reserved
Feb 29, 2012