CVE-2012-1424
The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a POSIX TAR file with a \19\04\00\10 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
| Software | From | Fixed in |
|---|---|---|
| norman / norman_antivirus_&_antispyware | 6.06.12 | 6.06.12.x |
| sophos / sophos_anti-virus | 4.61.0 | 4.61.0.x |
| cat / quick_heal | 11.00 | 11.00.x |
| jiangmin / jiangmin_antivirus | 13.0.900 | 13.0.900.x |
| antiy / avl_sdk | 2.0.3.7 | 2.0.3.7.x |
| pc_tools / pc_tools_antivirus | 7.0.3.5 | 7.0.3.5.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime