CVE-2012-1457 (retired)

The TAR file parser in Avira AntiVir, Antiy Labs AVL SDK, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV
0.96.4, Command Antivirus, Emsisoft Anti-Malware, eSafe, F-Prot Antivirus, G Data AntiVirus 21, Ikarus Virus
Utilities T3 Command Line Scanner, Jiangmin Antivirus 13.0.900, K7
AntiVirus 9.77.3565, Kaspersky Anti-Virus, McAfee Anti-Virus
Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C,
Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32
Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus,
Rising Antivirus, AVEngine 20101.3.0.103 in Symantec Endpoint
Protection 11, Trend Micro AntiVirus, Trend Micro HouseCall, VBA32, and VirusBuster allows remote
attackers to bypass malware detection via a TAR archive entry with a length
field that exceeds the total TAR file size. NOTE: this may later be SPLIT
into multiple CVEs if additional information is published showing that the
error occurred independently in different TAR parser implementations.
Upstream:released (0.97.5)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (0.97.5+dfsg-1ubuntu1)
More Information

Updated: 2019-03-26 12:01:16 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)