CVE-2012-1450

Emsisoft Anti-malware - Access Control

Title source: rule
STIX 2.1

Description

The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

References (3)

Core 3
Core References
Various Sources x_refsource_misc
http://www.ieee-security.org/TC/SP2012/program.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/522005
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/52617

Scores

EPSS 0.1952
EPSS Percentile 95.5%

Details

CWE
CWE-264
Status published
Products (3)
emsisoft/anti-malware 5.1.0.1
ikarus/ikarus_virus_utilities_t3_command_line_scanner 1.1.97.0
sophos/sophos_anti-virus 4.61.0
Published Mar 21, 2012
Tracked Since Feb 18, 2026