CVE-2012-1458
ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 - Malware Detection Bypass via CHM LZXC Header Reset Interval
Title source: llmDescription
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.
References (8)
Core 8
Core References
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/522005
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/52611
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80473
Various Sources x_refsource_misc
http://www.ieee-security.org/TC/SP2012/program.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74301
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/80474
Vendor Advisory vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:094
Scores
EPSS
0.0812
EPSS Percentile
92.3%
Details
CWE
CWE-264
Status
published
Products (2)
clamav/clamav
0.96.4
sophos/sophos_anti-virus
4.61.0
Published
Mar 21, 2012
Tracked Since
Feb 18, 2026