CVE-2012-1461 - Vulnerability Details

Vendors	Products
Anti-virus	Vba32
Authentium	Command Antivirus
Avg	Avg Anti-virus
Bitdefender	Bitdefender
Emsisoft	Anti-malware
Eset	Nod32 Antivirus
F-secure	F-secure Anti-virus
Fortinet	Fortinet Antivirus
Ikarus	Ikarus Virus Utilities T3 Command Line Scanner
Jiangmin	Jiangmin Antivirus
K7computing	Antivirus
Kaspersky	Kaspersky Anti-virus
Mcafee	Gateway Scan Engine
Norman	Norman Antivirus \& Antispyware
Rising-global	Rising Antivirus
Sophos	Sophos Anti-virus
Symantec	Endpoint Protection
Trendmicro	Housecall Trend Micro Antivirus

Link	Providers
http://osvdb.org/80500
http://osvdb.org/80501
http://osvdb.org/80502
http://osvdb.org/80503
http://osvdb.org/80504
http://osvdb.org/80505
http://osvdb.org/80506
http://osvdb.org/80510
http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005
http://www.securityfocus.com/bid/52626

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-03-19T00:00:00", "descriptions": [{"lang": "en", "value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-07-10T09:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "80502", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80502"}, {"name": "52626", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/52626"}, {"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/522005"}, {"name": "80504", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80504"}, {"name": "80506", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80506"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ieee-security.org/TC/SP2012/program.html"}, {"name": "80500", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80500"}, {"name": "80505", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80505"}, {"name": "80501", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80501"}, {"name": "80503", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80503"}, {"name": "80510", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/80510"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-1461", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "80502", "refsource": "OSVDB", "url": "http://osvdb.org/80502"}, {"name": "52626", "refsource": "BID", "url": "http://www.securityfocus.com/bid/52626"}, {"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/522005"}, {"name": "80504", "refsource": "OSVDB", "url": "http://osvdb.org/80504"}, {"name": "80506", "refsource": "OSVDB", "url": "http://osvdb.org/80506"}, {"name": "http://www.ieee-security.org/TC/SP2012/program.html", "refsource": "MISC", "url": "http://www.ieee-security.org/TC/SP2012/program.html"}, {"name": "80500", "refsource": "OSVDB", "url": "http://osvdb.org/80500"}, {"name": "80505", "refsource": "OSVDB", "url": "http://osvdb.org/80505"}, {"name": "80501", "refsource": "OSVDB", "url": "http://osvdb.org/80501"}, {"name": "80503", "refsource": "OSVDB", "url": "http://osvdb.org/80503"}, {"name": "80510", "refsource": "OSVDB", "url": "http://osvdb.org/80510"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:01:01.258Z"}, "title": "CVE Program Container", "references": [{"name": "80502", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80502"}, {"name": "52626", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/52626"}, {"name": "20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/522005"}, {"name": "80504", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80504"}, {"name": "80506", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80506"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ieee-security.org/TC/SP2012/program.html"}, {"name": "80500", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80500"}, {"name": "80505", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80505"}, {"name": "80501", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80501"}, {"name": "80503", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80503"}, {"name": "80510", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/80510"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-1461", "datePublished": "2012-03-21T10:00:00", "dateReserved": "2012-02-29T00:00:00", "dateUpdated": "2024-08-06T19:01:01.258Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2012-03-19T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2012-07-10T09:00:00 (string)

orgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

shortName : mitre (string)

}

references : [ »

0 : { »

name : 80502 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80502 (string)

}

1 : { »

name : 52626 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/52626 (string)

}

2 : { »

name : 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

]

url : http://www.securityfocus.com/archive/1/522005 (string)

}

3 : { »

name : 80504 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80504 (string)

}

4 : { »

name : 80506 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80506 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

]

url : http://www.ieee-security.org/TC/SP2012/program.html (string)

}

6 : { »

name : 80500 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80500 (string)

}

7 : { »

name : 80505 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80505 (string)

}

8 : { »

name : 80501 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80501 (string)

}

9 : { »

name : 80503 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80503 (string)

}

10 : { »

name : 80510 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

]

url : http://osvdb.org/80510 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : cve@mitre.org (string)

ID : CVE-2012-1461 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : 80502 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80502 (string)

}

1 : { »

name : 52626 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/52626 (string)

}

2 : { »

name : 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (string)

refsource : BUGTRAQ (string)

url : http://www.securityfocus.com/archive/1/522005 (string)

}

3 : { »

name : 80504 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80504 (string)

}

4 : { »

name : 80506 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80506 (string)

}

5 : { »

name : http://www.ieee-security.org/TC/SP2012/program.html (string)

refsource : MISC (string)

url : http://www.ieee-security.org/TC/SP2012/program.html (string)

}

6 : { »

name : 80500 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80500 (string)

}

7 : { »

name : 80505 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80505 (string)

}

8 : { »

name : 80501 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80501 (string)

}

9 : { »

name : 80503 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80503 (string)

}

10 : { »

name : 80510 (string)

refsource : OSVDB (string)

url : http://osvdb.org/80510 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T19:01:01.258Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : 80502 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80502 (string)

}

1 : { »

name : 52626 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/52626 (string)

}

2 : { »

name : 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_BUGTRAQ (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/archive/1/522005 (string)

}

3 : { »

name : 80504 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80504 (string)

}

4 : { »

name : 80506 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80506 (string)

}

5 : { »

tags : [ »

0 : x_refsource_MISC (string)

1 : x_transferred (string)

]

url : http://www.ieee-security.org/TC/SP2012/program.html (string)

}

6 : { »

name : 80500 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80500 (string)

}

7 : { »

name : 80505 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80505 (string)

}

8 : { »

name : 80501 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80501 (string)

}

9 : { »

name : 80503 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80503 (string)

}

10 : { »

name : 80510 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_OSVDB (string)

2 : x_transferred (string)

]

url : http://osvdb.org/80510 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8254265b-2729-46b6-b9e3-3dfca2d5bfca (string)

assignerShortName : mitre (string)

cveId : CVE-2012-1461 (string)

datePublished : 2012-03-21T10:00:00 (string)

dateReserved : 2012-02-29T00:00:00 (string)

dateUpdated : 2024-08-06T19:01:01.258Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "2A0325DA-A137-41E0-BD5E-B892F2166749", "vulnerable": true}, {"criteria": "cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:*", "matchCriteriaId": "192DFD98-11AA-4E7A-A1CB-53FC06FEB20F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:*", "matchCriteriaId": "4E62090C-AF41-4032-B9F7-78FEBDB4AAE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "24D7D7FA-20E9-4560-ABC6-154CD918E307", "vulnerable": true}, {"criteria": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "488ED4D6-0A32-43D5-840C-F76919C41C45", "vulnerable": true}, {"criteria": "cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:*", "matchCriteriaId": "673B999A-11D2-4AFF-9930-0C06E8BBAA7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:*", "matchCriteriaId": "BB884937-53F0-4BB5-AA8F-1CCDCD1221D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*", "matchCriteriaId": "1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*", "matchCriteriaId": "1759C4A5-67D1-4722-954A-883694E57FAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:*", "matchCriteriaId": "620DC756-B821-413C-A824-43C221E573AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:*", "matchCriteriaId": "B27BD224-CB70-43D2-8B0D-9F229A646B82", "vulnerable": true}, {"criteria": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*", "matchCriteriaId": "FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*", "matchCriteriaId": "18FC30B1-4FB3-4891-93FE-63A93E686EB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*", "matchCriteriaId": "0BCE1228-61BE-4C10-898A-B8BDC5A71156", "vulnerable": true}, {"criteria": "cpe:2.3:a:norman:norman_antivirus_\\&_antispyware:6.06.12:*:*:*:*:*:*:*", "matchCriteriaId": "81D01633-1000-425D-9026-59C50734956A", "vulnerable": true}, {"criteria": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*", "matchCriteriaId": "EF8ADA91-4042-4E1B-9F14-78023F24B137", "vulnerable": true}, {"criteria": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*", "matchCriteriaId": "0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*", "matchCriteriaId": "B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*", "matchCriteriaId": "72379F97-0BCA-425A-92AE-9F336866FD07", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams.  NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations."}, {"lang": "es", "value": "El analizador de archivos Gzip en AVG Anti-Virus 10.0.0.1190, BitDefender 7.2, Command Antivirus 5.2.11.5, a-squared Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Utilities Ikarus Virus T3 de l\u00ednea de comandos esc\u00e1ner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 06.06.12, 22.83.00.03 Rising Antivirus, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, y 3.12.14.2 VBA32 permite a atacantes remotos evitar la detecci\u00f3n de malware a trav\u00e9s de un archivo. tar.gz con varias secuencias comprimidas. NOTA: esto m\u00e1s adelante se puede dividir en varios CVEs si la informaci\u00f3n adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador Gzip."}], "id": "CVE-2012-1461", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-03-21T10:11:49.677", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/80500"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/80501"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/80502"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/80503"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/80504"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/80505"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/80506"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/80510"}, {"source": "cve@mitre.org", "url": "http://www.ieee-security.org/TC/SP2012/program.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/522005"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/52626"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80500"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80501"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80502"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80503"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80504"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80505"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80506"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/80510"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ieee-security.org/TC/SP2012/program.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/522005"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/52626"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:anti-virus:vba32:3.12.14.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 2A0325DA-A137-41E0-BD5E-B892F2166749 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:authentium:command_antivirus:5.2.11.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 192DFD98-11AA-4E7A-A1CB-53FC06FEB20F (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:avg:avg_anti-virus:10.0.0.1190:*:*:*:*:*:*:* (string)

matchCriteriaId : 4E62090C-AF41-4032-B9F7-78FEBDB4AAE1 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:bitdefender:bitdefender:7.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 24D7D7FA-20E9-4560-ABC6-154CD918E307 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 488ED4D6-0A32-43D5-840C-F76919C41C45 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:eset:nod32_antivirus:5795:*:*:*:*:*:*:* (string)

matchCriteriaId : 673B999A-11D2-4AFF-9930-0C06E8BBAA7F (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:f-secure:f-secure_anti-virus:9.0.16160.0:*:*:*:*:*:*:* (string)

matchCriteriaId : BB884937-53F0-4BB5-AA8F-1CCDCD1221D9 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1C36D1BA-DB17-4FE0-8D6E-BA5649AE3BF0 (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 1759C4A5-67D1-4722-954A-883694E57FAB (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:jiangmin:jiangmin_antivirus:13.0.900:*:*:*:*:*:*:* (string)

matchCriteriaId : 620DC756-B821-413C-A824-43C221E573AA (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:k7computing:antivirus:9.77.3565:*:*:*:*:*:*:* (string)

matchCriteriaId : B27BD224-CB70-43D2-8B0D-9F229A646B82 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:* (string)

matchCriteriaId : FD9BCB3B-0FE8-4716-ABC2-1DB89D330F56 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:* (string)

matchCriteriaId : 18FC30B1-4FB3-4891-93FE-63A93E686EB3 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:* (string)

matchCriteriaId : 0BCE1228-61BE-4C10-898A-B8BDC5A71156 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:norman:norman_antivirus_\&_antispyware:6.06.12:*:*:*:*:*:*:* (string)

matchCriteriaId : 81D01633-1000-425D-9026-59C50734956A (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:* (string)

matchCriteriaId : EF8ADA91-4042-4E1B-9F14-78023F24B137 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 0912E21E-1EEB-4ADD-958F-F8AEBBF7C5E6 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:* (string)

matchCriteriaId : E269D396-3A70-4C4B-9D79-CBBA75C280D8 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:* (string)

matchCriteriaId : B3C3D7B7-3DD1-417E-9488-A3B0F28F75E1 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:* (string)

matchCriteriaId : 72379F97-0BCA-425A-92AE-9F336866FD07 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The Gzip file parser in AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, Rising Antivirus 22.83.00.03, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, and VBA32 3.12.14.2 allows remote attackers to bypass malware detection via a .tar.gz file with multiple compressed streams. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Gzip parser implementations. (string)

}

1 : { »

lang : es (string)

value : El analizador de archivos Gzip en AVG Anti-Virus 10.0.0.1190, BitDefender 7.2, Command Antivirus 5.2.11.5, a-squared Anti-Malware 5.1.0.1, F-Secure Anti-Virus 9.0.16160.0, Fortinet Antivirus 4.2.254.0, Utilities Ikarus Virus T3 de línea de comandos escáner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee gateway (anteriormente Webwasher) 2010.1C, NOD32 Antivirus 5795, Norman Antivirus 06.06.12, 22.83.00.03 Rising Antivirus, Sophos Anti-Virus 4.61.0, AVEngine 20101.3.0.103 de Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, y 3.12.14.2 VBA32 permite a atacantes remotos evitar la detección de malware a través de un archivo. tar.gz con varias secuencias comprimidas. NOTA: esto más adelante se puede dividir en varios CVEs si la información adicional que se publica muestra que el error se produjo de forma independiente en diferentes implementaciones del analizador Gzip. (string)

}

]

id : CVE-2012-1461 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:P/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2012-03-21T10:11:49.677 (string)

references : [ »

0 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80500 (string)

}

1 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80501 (string)

}

2 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80502 (string)

}

3 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80503 (string)

}

4 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80504 (string)

}

5 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80505 (string)

}

6 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80506 (string)

}

7 : { »

source : cve@mitre.org (string)

url : http://osvdb.org/80510 (string)

}

8 : { »

source : cve@mitre.org (string)

url : http://www.ieee-security.org/TC/SP2012/program.html (string)

}

9 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/archive/1/522005 (string)

}

10 : { »

source : cve@mitre.org (string)

url : http://www.securityfocus.com/bid/52626 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80500 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80501 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80502 (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80503 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80504 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80505 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80506 (string)

}

18 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://osvdb.org/80510 (string)

}

19 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.ieee-security.org/TC/SP2012/program.html (string)

}

20 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/archive/1/522005 (string)

}

21 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/52626 (string)

}

]

sourceIdentifier : cve@mitre.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-264 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object