CVE-2012-1462

The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, Fortinet Antivirus 4.2.254.0, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, Kaspersky Anti-Virus 7.0.0.125, Norman Antivirus 6.06.12, Sophos Anti-Virus 4.61.0, and AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11 allows remote attackers to bypass malware detection via a ZIP file containing an invalid block of data at the beginning. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ZIP parser implementations.

Published: Mar 21, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1462
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
ahnlab / v3_internet_security	2011.01.18.00	2011.01.18.00.x
symantec / endpoint_protection	11.0	11.0.x
kaspersky / kaspersky_anti-virus	7.0.0.125	7.0.0.125.x
cat / quick_heal	11.00	11.00.x
avg / avg_anti-virus	10.0.0.1190	10.0.0.1190.x
fortinet / fortinet_antivirus	4.2.254.0	4.2.254.0.x
jiangmin / jiangmin_antivirus	13.0.900	13.0.900.x
ikarus / ikarus_virus_utilities_t3_command_line_scanner	1.1.97.0	1.1.97.0.x
emsisoft / anti-malware	5.1.0.1	5.1.0.1.x
aladdin / esafe	7.0.17.0	7.0.17.0.x

Vulnerability Database

289,697

CVE-2012-1462