Vulnerability Description
The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eset | Nod32 Antivirus | 5795 |
| Rising-Global | Rising Antivirus | 22.83.00.03 |
Related Weaknesses (CWE)
References
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
- http://www.securityfocus.com/bid/52607
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
- http://www.securityfocus.com/bid/52607
FAQ
What is CVE-2012-1455?
CVE-2012-1455 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. NOTE: this may la...
How severe is CVE-2012-1455?
CVE-2012-1455 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-1455?
Check the references section above for vendor advisories and patch information. Affected products include: Eset Nod32 Antivirus, Rising-Global Rising Antivirus.