CVE-2012-1454

The ELF file parser in Dr.Web 5.0.2.03300, eSafe 7.0.17.0, McAfee Gateway (formerly Webwasher) 2010.1C, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified ei_version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations.

Published: Mar 21, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1454
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
rising-global / rising_antivirus	22.83.00.03	22.83.00.03.x
mcafee / gateway	2010.1c	2010.1c.x
fortinet / fortinet_antivirus	4.2.254.0	4.2.254.0.x
drweb / dr.web_antivirus	5.0.2.03300	5.0.2.03300.x
aladdin / esafe	7.0.17.0	7.0.17.0.x
pandasecurity / panda_antivirus	10.0.2.7	10.0.2.7.x

http://osvdb.org/80432
http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005

Vulnerability Database

289,599

CVE-2012-1454