← Back

CVE-2012-1450

nvd nist
Published: Mar 21, 2012Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

Affected (3)

Emsisoft
1 product
Anti Malware
Ikarus
1 product
Ikarus Virus Utilities T3 Command Line Scanner
Sophos
1 product
Sophos Anti Virus
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Anti Malware
Version 5.1.0.1
Ikarus Virus Utilities T3 Command Line Scanner
Version 1.1.97.0
Sophos Anti Virus
Version 4.61.0

Related CWEs

CWE-264
CWE-264

References (6)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.