Twenty Year Anniversary
Showing 1 - 5 of 5 RSS Feed

CVE-2012-1458

Status Candidate

Overview

The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.

Related Files

Ubuntu Security Notice USN-1482-3
Posted Aug 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1482-3 - USN-1482-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan files in some situations. This update fixes the problem. It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-1459, CVE-2012-1458
MD5 | 4a56480cdefef37e063c8abbd0fd8019
Ubuntu Security Notice USN-1482-2
Posted Jun 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1482-2 - USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem. It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-1459, CVE-2012-1458
MD5 | 89f2ca90ba5732e315f7241c297e8fbd
Ubuntu Security Notice USN-1482-1
Posted Jun 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1482-1 - It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2012-1459, CVE-2012-1458, CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
MD5 | 1a317637b460595952a65ea1d99e4d5f
Mandriva Linux Security Advisory 2012-094
Posted Jun 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-094 - This is a bugfix release that upgrades clamav to the latest version The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
MD5 | 9f2a55c5cf58d35e60e15c844a8c86bc
Clam AntiVirus Toolkit 0.97.5
Posted Jun 16, 2012
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This release addresses possible evasion cases in some archive formats. It also addresses stability issues in portions of the bytecode engine. This release is recommended for all users.
tags | tool, virus
systems | unix
advisories | CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
MD5 | 4d4b93243a5add0216acc4f24f43a895
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close