CVE-2012-1447

CWE-2643 documents3 sources
Severity
4.3MEDIUM
EPSS
0.5%
top 34.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Aladdin EsafeDrweb Dr.web AntivirusFortinet Fortinet Antivirus+1 more
Timeline
PublishedMar 21
Latest updateMay 17

Description

The ELF file parser in Fortinet Antivirus 4.2.254.0, eSafe 7.0.17.0, Dr.Web 5.0.2.03300, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified e_version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

NVDdrweb/dr.web_antivirus5.0.2.03300
NVDaladdin/esafe7.0.17.0

🔴Vulnerability Details

2
GHSA
GHSA-r8rv-6xv7-fhw6: The ELF file parser in Fortinet Antivirus 42022-05-17
CVEList
CVE-2012-1447: The ELF file parser in Fortinet Antivirus 42012-03-21
CVE-2012-1447 (MEDIUM CVSS 4.3) | The ELF file parser in Fortinet Ant | cvebase.io