Vulnerability CVE-2012-1463


Published: 2012-03-21

Description:
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: F-secure
Product: F-secure anti-virus 
Version: 9.0.16160.0;
Vendor: Comodo
Product: Comodo antivirus 
Version: 7424;
Vendor: Bitdefender
Product: Bitdefender 
Version: 7.2;
Vendor: Aladdin
Product: Esafe 
Version: 7.0.17.0;
Vendor: Norman
Product: Norman antivirus & antispyware 
Version: 6.06.12;
Vendor: Mcafee
Product: Scan engine 
Version: 5.400.0.1158;
Vendor: Authentium
Product: Command antivirus 
Version: 5.2.11.5;
Vendor: F-prot
Product: F-prot antivirus 
Version: 4.6.2.117;
Vendor: Ahnlab
Product: V3 internet security 
Version: 2011.01.18.00;
Vendor: Nprotect
Product: Nprotect antivirus 
Version: 2011-01-17.01;
Vendor: CAT
Product: Quick heal 
Version: 11.00;
Vendor: Pandasecurity
Product: Panda antivirus 
Version: 10.0.2.7;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://www.securityfocus.com/archive/1/522005
http://www.ieee-security.org/TC/SP2012/program.html

Related CVE
CVE-2019-12042
Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event Global\PandaDevicesAgentSharedMemoryChange in Panda products before 18.07.03 allow attackers to queue an event (as an encrypted JSON string) to the system s...
CVE-2018-6322
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group...
CVE-2018-6321
Unquoted Windows search path vulnerability in the panda_url_filtering service in Panda Global Protection 17.0.1 allows local users to gain privileges via a malicious artefact.
CVE-2017-17684
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request.
CVE-2017-17683
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request.
CVE-2017-8060
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.
CVE-2017-8339
PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver.
CVE-2016-3943
Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modif...

Copyright 2019, cxsecurity.com

 

Back to Top