CVE-2012-1440

The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Published: Mar 21, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1440
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
norman / norman_antivirus_&_antispyware	6.06.12	6.06.12.x
fortinet / fortinet_antivirus	4.2.254.0	4.2.254.0.x
ca / etrust_vet_antivirus	36.1.8511	36.1.8511.x
aladdin / esafe	7.0.17.0	7.0.17.0.x
pandasecurity / panda_antivirus	10.0.2.7	10.0.2.7.x

http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005

Vulnerability Database

289,697

CVE-2012-1440