The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, K7 AntiVirus 9.77.3565, Norman Antivirus 6.06.12, and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial \42\5A\68 character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations.
2012-03-21T10:11:47.443
2025-04-11T00:51:21.963
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | authentium | command_antivirus | 5.2.11.5 | Yes |
Application | cat | quick_heal | 11.00 | Yes |
Application | f-prot | f-prot_antivirus | 4.6.2.117 | Yes |
Application | k7computing | antivirus | 9.77.3565 | Yes |
Application | norman | norman_antivirus_\&_antispyware | 6.06.12 | Yes |
Application | rising-global | rising_antivirus | 22.83.00.03 | Yes |