Описание
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-9362
- https://blog.zoller.lu/p/from-low-hanging-fruit-department_24.html
- https://blog.zoller.lu/p/tzo-20-2020-quickheal-malformed-archive.html
- http://packetstormsecurity.com/files/156580/QuickHeal-Generic-Malformed-Archive-Bypass.html
- http://seclists.org/fulldisclosure/2020/Mar/14
Связанные уязвимости
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.