CVE-2012-1444

CWE-2643 documents3 sources

Severity

4.3MEDIUM

EPSS

0.5%

top 34.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Aladdin Esafe Fortinet Fortinet Antivirus Pandasecurity Panda Antivirus +1 more

Timeline

PublishedMar 21

Latest updateMay 17

Description

The ELF file parser in eSafe 7.0.17.0, Prevx 3.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified abiversion field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

▶NVDfortinet/fortinet_antivirus4.2.254.0

▶NVDpandasecurity/panda_antivirus10.0.2.7

▶NVDprevx/prevx3.0

▶NVDaladdin/esafe7.0.17.0

🔴Vulnerability Details

GHSA

GHSA-xv7j-8v8v-h429: The ELF file parser in eSafe 7↗2022-05-17

▶

CVEList

CVE-2012-1444: The ELF file parser in eSafe 7↗2012-03-21

▶