Vulnerability Description
The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Comodo | Comodo Antivirus | 7425 |
| Sophos | Sophos Anti-Virus | 4.61.0 |
Related Weaknesses (CWE)
References
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
FAQ
What is CVE-2012-1438?
CVE-2012-1438 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certa...
How severe is CVE-2012-1438?
CVE-2012-1438 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1438?
Check the references section above for vendor advisories and patch information. Affected products include: Comodo Comodo Antivirus, Sophos Sophos Anti-Virus.