CVE-2012-1429 : The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure A

The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, and nProtect Anti-Virus 2011-01-17.01 allows remote attackers to bypass malware detection via an ELF file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Published 2012-03-21 10:11:48

Updated 2017-08-29 01:31:17

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2012-1429

Probability of exploitation activity in the next 30 days: 97.43%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-1429

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2012-1429

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-1429

http://www.ieee-security.org/TC/SP2012/program.html

IEEE Symposium on Security and Privacy 2012

CVEs referencing this url
http://www.securityfocus.com/archive/1/522005

SecurityFocus

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/74244

Multiple Antivirus Products ELF file ustar evasion CVE-2012-1429 Vulnerability Report

Products affected by CVE-2012-1429

Mcafee » Scan Engine » Version: 5.400.0.1158
cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*
Matching versions
Mcafee » Gateway » Version: 2010.1c
cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*
Matching versions
F-secure » F-secure Anti-virus » Version: 9.0.16160.0
cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*
Matching versions
Softwin » Bitdefender » Version: 7.2
cpe:2.3:a:softwin:bitdefender:7.2:*:*:*:*:*:*:*
Matching versions
Nprotect » Nprotect Antivirus » Version: 2011-01-17.01
cpe:2.3:a:nprotect:nprotect_antivirus:2011-01-17.01:*:*:*:*:*:*:*
Matching versions
Ikarus » Ikarus Virus Utilities T3 Command Line Scanner » Version: 1.1.97.0
cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*
Matching versions
Comodo » Comodo Antivirus » Version: 7424
cpe:2.3:a:comodo:comodo_antivirus:7424:*:*:*:*:*:*:*
Matching versions
Aladdin » Esafe » Version: 7.0.17.0
cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*
Matching versions
Emsisoft » Anti-malware » Version: 5.1.0.1
cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-1429

Exploit prediction scoring system (EPSS) score for CVE-2012-1429

CVSS scores for CVE-2012-1429

CWE ids for CVE-2012-1429

References for CVE-2012-1429

Products affected by CVE-2012-1429