The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0,…

CVSS

4.3

Medium

EPSS

0.90

p99

Published

2012-01-01

Updated

2012-01-01

Description

The TAR file parser in Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Prot Antivirus 4.6.2.117, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, K7 AntiVirus 9.77.3565, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.

Tags · CWE

CWE-264

Affected products

Command_antivirusAnti-malwareNod32_antivirusF-prot_antivirusFortinet_antivirusIkarus_virus_utilities_t3_command_line_scannerAntivirusNorman_antivirus_\&_antispywarePc_tools_antivirusRising_antivirusVirusbuster

CVSS vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Timeline

2012-01-01

Published

2012-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: M

Medium

Authentication

Au: N

None (N)

Confidentiality Impact

C: N

None (N)

Integrity Impact

I: P

Partial

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.899 · p99

Known exploited (KEV)

Known exploits — Сканер-ВС

No Сканер-ВС checks registered for this vulnerability yet.

Affected products

Product	Vendor	Status
anti-malware	*	Tracked
antivirus	*	Tracked
command_antivirus	*	Tracked
f-prot_antivirus	*	Tracked
fortinet_antivirus	*	Tracked
ikarus_virus_utilities_t3_command_line_scanner	*	Tracked
nod32_antivirus	*	Tracked
norman_antivirus_&_antispyware	*	Tracked
pc_tools_antivirus	*	Tracked
rising_antivirus	*	Tracked
virusbuster	*	Tracked

Source databases

CVE