CVE-2012-1448

Quick Heal 11.00 - Malware Detection Bypass via Modified CAB cbCabinet Field

Title source: llm

Description

The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti-Malware 5.1.0.1 allows remote attackers to bypass malware detection via a CAB file with a modified cbCabinet field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

References (3)

Core 3

Core References

Various Sources x_refsource_misc

http://www.ieee-security.org/TC/SP2012/program.html

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/522005

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/52603

Scores

EPSS 0.0834

EPSS Percentile 92.4%

Details

CWE

CWE-264

Status published

Products (5)

cat/quick_heal 11.00

emsisoft/anti-malware 5.1.0.1

ikarus/ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0

trendmicro/housecall 9.120.0.1004

trendmicro/trend_micro_antivirus 9.120.0.1004

Published Mar 21, 2012

Tracked Since Feb 18, 2026