Vulnerability CVE-2012-1463


Published: 2012-03-21

Description:
The ELF file parser in AhnLab V3 Internet Security 2011.01.18.00, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Norman Antivirus 6.06.12, nProtect Anti-Virus 2011-01-17.01, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified endianness field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: F-secure
Product: F-secure anti-virus 
Version: 9.0.16160.0;
Vendor: Comodo
Product: Comodo antivirus 
Version: 7424;
Vendor: Bitdefender
Product: Bitdefender 
Version: 7.2;
Vendor: Aladdin
Product: Esafe 
Version: 7.0.17.0;
Vendor: Norman
Product: Norman antivirus & antispyware 
Version: 6.06.12;
Vendor: Mcafee
Product: Scan engine 
Version: 5.400.0.1158;
Vendor: Authentium
Product: Command antivirus 
Version: 5.2.11.5;
Vendor: F-prot
Product: F-prot antivirus 
Version: 4.6.2.117;
Vendor: Ahnlab
Product: V3 internet security 
Version: 2011.01.18.00;
Vendor: Nprotect
Product: Nprotect antivirus 
Version: 2011-01-17.01;
Vendor: CAT
Product: Quick heal 
Version: 11.00;
Vendor: Pandasecurity
Product: Panda antivirus 
Version: 10.0.2.7;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.3/10
2.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None

 References:
http://www.securityfocus.com/archive/1/522005
http://www.ieee-security.org/TC/SP2012/program.html

Related CVE
CVE-2018-6322
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group...
CVE-2018-6321
Unquoted Windows search path vulnerability in the panda_url_filtering service in Panda Global Protection 17.0.1 allows local users to gain privileges via a malicious artefact.
CVE-2017-17684
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c04 \\.\PSMEMDriver DeviceIoControl request.
CVE-2017-17683
Panda Global Protection 17.0.1 allows a system crash via a 0xb3702c44 \\.\PSMEMDriver DeviceIoControl request.
CVE-2017-8060
Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call.
CVE-2017-8339
PSKMAD.sys in Panda Free Antivirus 18.0 allows local users to cause a denial of service (BSoD) via a crafted DeviceIoControl request to \\.\PSMEMDriver.
CVE-2016-3943
Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modif...
CVE-2015-7378
Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.

Copyright 2019, cxsecurity.com

 

Back to Top