CVE-2012-1420
First published: Wed Mar 21 2012(Updated: )
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Panda Antivirus 10.0.2.7, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \7fELF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Authentium Command Antivirus | =5.2.11.5 | |
| QuickHeal CAT QuickHeal | =11.00 | |
| ESET NOD32 Antivirus | =5795 | |
| F-PROT Antivirus | =4.6.2.117 | |
| Fortinet Antivirus | =4.2.254.0 | |
| K7 Computing AntiVirus | =9.77.3565 | |
| Kaspersky Anti-Virus | =7.0.0.125 | |
| Microsoft Security Essentials | =2.0 | |
| Norman Antivirus & Antispyware | =6.06.12 | |
| Panda Security | =10.0.2.7 | |
| Rising Antivirus | =22.83.00.03 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-1420?
CVE-2012-1420 is classified as a high-severity vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2012-1420?
To fix CVE-2012-1420, users should update their antivirus software to the latest version provided by the vendor.
Which software is affected by CVE-2012-1420?
CVE-2012-1420 affects several antivirus software products including Quick Heal, Command Antivirus, and Kaspersky Anti-Virus.
What type of vulnerability is CVE-2012-1420?
CVE-2012-1420 is a vulnerability in the TAR file parser that can lead to remote code execution.
Can CVE-2012-1420 affect my computer's security?
Yes, CVE-2012-1420 can significantly compromise your computer's security if left unpatched.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/authentium
- canonical/authentium command antivirus
- version/authentium command antivirus/5.2.11.5
- vendor/cat
- canonical/quickheal cat quickheal
- version/quickheal cat quickheal/11.00
- vendor/eset
- canonical/eset nod32 antivirus
- version/eset nod32 antivirus/5795
- vendor/f-prot
- canonical/f-prot antivirus
- version/f-prot antivirus/4.6.2.117
- vendor/fortinet
- canonical/fortinet antivirus
- version/fortinet antivirus/4.2.254.0
- vendor/k7computing
- canonical/k7 computing antivirus
- version/k7 computing antivirus/9.77.3565
- vendor/kaspersky
- canonical/kaspersky anti-virus
- version/kaspersky anti-virus/7.0.0.125
- vendor/microsoft
- canonical/microsoft security essentials
- version/microsoft security essentials/2.0
- vendor/norman
- canonical/norman antivirus & antispyware
- version/norman antivirus & antispyware/6.06.12
- vendor/pandasecurity
- canonical/panda security
- version/panda security/10.0.2.7
- vendor/rising-global
- canonical/rising antivirus
- version/rising antivirus/22.83.00.03