CVE-2012-1422

CWE-2644 documents4 sources

Severity

4.3MEDIUM

EPSS

0.2%

top 57.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

CAT Quick Heal Eset Nod32 Antivirus Norman Norman Antivirus \& Antispyware +1 more

Timeline

PublishedMar 21

Latest updateMay 17

Description

The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial ITSF character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

▶NVDeset/nod32_antivirus5795

▶NVDrising-global/rising_antivirus22.83.00.03

▶NVDnorman/norman_antivirus_\&_antispyware6.06.12

▶NVDcat/quick_heal11.00

🔴Vulnerability Details

GHSA

GHSA-888q-jmrh-h9j2: The TAR file parser in Quick Heal (aka Cat QuickHeal) 11↗2022-05-17

▶

CVEList

CVE-2012-1422: The TAR file parser in Quick Heal (aka Cat QuickHeal) 11↗2012-03-21

▶

💥Exploits & PoCs

Exploit-DB

phpBookingCalendar 10 d - SQL Injection↗2008-05-29

▶