Multiple.Vendor.AntiVirus.Extended.ASCII.Security.Bypass

description-logoDescription

This indicates an attack attempt to exploit a Security Bypass vulnerability in multiple Anti-Virus products.
The vulnerability is due to an input validation error when handling files with names that contain special or extended ASCII characters. A remote attacker can exploit this to evade anti-virus scan allowing them to deliver viruses to the targeted system.

affected-products-logoAffected Products

SOFTWIN BitDefender 9.0 and prior
Comodo Group Trustix AntiVirus 2005 and prior
ALWIL Software Avast! AntiVirus 4.6 and prior
CA eTrust QuickHeal AntiVirus 2005 and prior
Abacre Software Abacre Antivirus any
Deerfield.com VisNetic AntiVirus any
Avira AntiVir PersonalEdition Classic
ClamAV Project ClamAV for Windows
Anity Labs Ghostbusters Professional Edition 5 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Update the product to a non-vulnerable version

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)