Vulnerability Description
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Antiy | Avl Sdk | 2.0.3.7 |
| Ca | Etrust Vet Antivirus | 36.1.8511 |
| Drweb | Dr.Web Antivirus | 5.0.2.03300 |
| Emsisoft | Anti-Malware | 5.1.0.1 |
| Fortinet | Fortinet Antivirus | 4.2.254.0 |
| Ikarus | Ikarus Virus Utilities T3 Command Line Scanner | 1.1.97.0 |
| Kaspersky | Kaspersky Anti-Virus | 7.0.0.125 |
| Mcafee | Gateway | 2010.1c |
| Microsoft | Security Essentials | 2.0 |
| Pandasecurity | Panda Antivirus | 10.0.2.7 |
| Rising-Global | Rising Antivirus | 22.83.00.03 |
| Sophos | Sophos Anti-Virus | 4.61.0 |
| Trendmicro | Housecall | 9.120.0.1004 |
| Trendmicro | Trend Micro Antivirus | 9.120.0.1004 |
Related Weaknesses (CWE)
References
- http://osvdb.org/80482
- http://osvdb.org/80483
- http://osvdb.org/80484
- http://osvdb.org/80485
- http://osvdb.org/80486
- http://osvdb.org/80487
- http://osvdb.org/80488
- http://osvdb.org/80489
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
- http://www.securityfocus.com/bid/52621
- http://osvdb.org/80482
- http://osvdb.org/80483
- http://osvdb.org/80484
- http://osvdb.org/80485
FAQ
What is CVE-2012-1453?
CVE-2012-1453 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly We...
How severe is CVE-2012-1453?
CVE-2012-1453 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1453?
Check the references section above for vendor advisories and patch information. Affected products include: Antiy Avl Sdk, Ca Etrust Vet Antivirus, Drweb Dr.Web Antivirus, Emsisoft Anti-Malware, Fortinet Fortinet Antivirus.