CVE-2012-1442
First published: Wed Mar 21 2012(Updated: )
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, F-Secure Anti-Virus 9.0.16160.0, Sophos Anti-Virus 4.61.0, Antiy Labs AVL SDK 2.0.3.7, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified class field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Aladdin eSafe | =7.0.17.0 | |
| Antiy AVL SDK | =2.0.3.7 | |
| QuickHeal CAT QuickHeal | =11.00 | |
| f-secure f-secure anti-virus | =9.0.16160.0 | |
| Fortinet Antivirus | =4.2.254.0 | |
| Kaspersky Anti-Virus | =7.0.0.125 | |
| McAfee Gateway | =2010.1c | |
| McAfee Scan Engine | =5.400.0.1158 | |
| Panda Security | =10.0.2.7 | |
| Rising Antivirus | =22.83.00.03 | |
| Sophos Anti-Virus | =4.61.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-1442?
CVE-2012-1442 is classified as a medium severity vulnerability.
How do I fix CVE-2012-1442?
To fix CVE-2012-1442, update your affected antivirus software to the latest version that addresses this vulnerability.
Which software is affected by CVE-2012-1442?
CVE-2012-1442 affects several antivirus software solutions including Quick Heal 11.00, Kaspersky Anti-Virus 7.0.0.125, and others.
What type of vulnerability is CVE-2012-1442?
CVE-2012-1442 is a vulnerability in the ELF file parser used by several antivirus applications.
Is there a workaround for CVE-2012-1442?
Currently, the best approach to mitigate CVE-2012-1442 is to promptly update the affected antivirus software.
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/event
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/aladdin
- canonical/aladdin esafe
- version/aladdin esafe/7.0.17.0
- vendor/antiy
- canonical/antiy avl sdk
- version/antiy avl sdk/2.0.3.7
- vendor/cat
- canonical/quickheal cat quickheal
- version/quickheal cat quickheal/11.00
- vendor/f-secure
- canonical/f-secure f-secure anti-virus
- version/f-secure f-secure anti-virus/9.0.16160.0
- vendor/fortinet
- canonical/fortinet antivirus
- version/fortinet antivirus/4.2.254.0
- vendor/kaspersky
- canonical/kaspersky anti-virus
- version/kaspersky anti-virus/7.0.0.125
- vendor/mcafee
- canonical/mcafee gateway
- version/mcafee gateway/2010.1c
- canonical/mcafee scan engine
- version/mcafee scan engine/5.400.0.1158
- vendor/pandasecurity
- canonical/panda security
- version/panda security/10.0.2.7
- vendor/rising-global
- canonical/rising antivirus
- version/rising antivirus/22.83.00.03
- vendor/sophos
- canonical/sophos anti-virus
- version/sophos anti-virus/4.61.0