exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2012-1458

Status Candidate

Overview

The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.

Related Files

Ubuntu Security Notice USN-1482-3
Posted Aug 17, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1482-3 - USN-1482-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan files in some situations. This update fixes the problem. It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-1459, CVE-2012-1458
SHA-256 | f6eafdf05eddc06cc3f5e1210fb3edc481985bad585d980219e95024ddabd0ae
Ubuntu Security Notice USN-1482-2
Posted Jun 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1482-2 - USN-1482-1 fixed vulnerabilities in ClamAV. The updated packages could fail to install in certain situations. This update fixes the problem. It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-1459, CVE-2012-1458
SHA-256 | d71f6c0e933ef9f027c20f83737f0ac412df02c939b1661f6397cd5b0a8f8471
Ubuntu Security Notice USN-1482-1
Posted Jun 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1482-1 - It was discovered that ClamAV incorrectly handled certain malformed TAR archives. A remote attacker could create a specially-crafted TAR file containing malware that could escape being detected. It was discovered that ClamAV incorrectly handled certain malformed CHM files. A remote attacker could create a specially-crafted CHM file containing malware that could escape being detected. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2012-1459, CVE-2012-1458, CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
SHA-256 | 7375ef9bb7213280f4fb2a900f61a9fef2a7a69735f1380307b67f2056e9e138
Mandriva Linux Security Advisory 2012-094
Posted Jun 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-094 - This is a bugfix release that upgrades clamav to the latest version The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. The Microsoft CHM file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. The TAR file parser in ClamAV 0.96.4 allows remote attackers to bypass malware detection via a TAR archive entry with a length field corresponding to that entire entry, plus part of the header of the next entry.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
SHA-256 | 9d3c70ef74c52e6171f0b59d36ffcd805402309bc35d4dd9220758ef6d22659b
Clam AntiVirus Toolkit 0.97.5
Posted Jun 16, 2012
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This release addresses possible evasion cases in some archive formats. It also addresses stability issues in portions of the bytecode engine. This release is recommended for all users.
tags | tool, virus
systems | unix
advisories | CVE-2012-1457, CVE-2012-1458, CVE-2012-1459
SHA-256 | db6c5e1a5ec8ca0b8006cf82661d3158d3365ba1b4bc14c03c5d0bca89a93c0d
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close