CVE-2012-1453
First published: Wed Mar 21 2012(Updated: )
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Antiy Avl Sdk | =2.0.3.7 | |
| CA eTrust Vet Antivirus | =36.1.8511 | |
| Drweb Dr.web Antivirus | =5.0.2.03300 | |
| Emsisoft Anti-Malware | =5.1.0.1 | |
| Fortinet Fortinet Antivirus | =4.2.254.0 | |
| Ikarus Ikarus Virus Utilities T3 Command Line Scanner | =1.1.97.0 | |
| Kaspersky Kaspersky Anti-virus | =7.0.0.125 | |
| McAfee Gateway | =2010.1c | |
| Microsoft Security Essentials | =2.0 | |
| Pandasecurity Panda Antivirus | =10.0.2.7 | |
| Rising-global Rising Antivirus | =22.83.00.03 | |
| Sophos Sophos Anti-virus | =4.61.0 | |
| Trendmicro Housecall | =9.120.0.1004 | |
| Trendmicro Trend Micro Antivirus | =9.120.0.1004 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://osvdb.org/80482
- http://osvdb.org/80483
- http://osvdb.org/80484
- http://osvdb.org/80485
- http://osvdb.org/80486
- http://osvdb.org/80487
- http://osvdb.org/80488
- http://osvdb.org/80489
- http://www.ieee-security.org/TC/SP2012/program.html
- http://www.securityfocus.com/archive/1/522005
- http://www.securityfocus.com/bid/52621
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/tags
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- vendor/antiy
- canonical/antiy avl sdk
- version/antiy avl sdk/2.0.3.7
- vendor/ca
- canonical/ca etrust vet antivirus
- version/ca etrust vet antivirus/36.1.8511
- vendor/drweb
- canonical/drweb dr.web antivirus
- version/drweb dr.web antivirus/5.0.2.03300
- vendor/emsisoft
- canonical/emsisoft anti-malware
- version/emsisoft anti-malware/5.1.0.1
- vendor/fortinet
- canonical/fortinet fortinet antivirus
- version/fortinet fortinet antivirus/4.2.254.0
- vendor/ikarus
- canonical/ikarus ikarus virus utilities t3 command line scanner
- version/ikarus ikarus virus utilities t3 command line scanner/1.1.97.0
- vendor/kaspersky
- canonical/kaspersky kaspersky anti-virus
- version/kaspersky kaspersky anti-virus/7.0.0.125
- vendor/mcafee
- canonical/mcafee gateway
- version/mcafee gateway/2010.1c
- vendor/microsoft
- canonical/microsoft security essentials
- version/microsoft security essentials/2.0
- vendor/pandasecurity
- canonical/pandasecurity panda antivirus
- version/pandasecurity panda antivirus/10.0.2.7
- vendor/rising-global
- canonical/rising-global rising antivirus
- version/rising-global rising antivirus/22.83.00.03
- vendor/sophos
- canonical/sophos sophos anti-virus
- version/sophos sophos anti-virus/4.61.0
- vendor/trendmicro
- canonical/trendmicro housecall
- version/trendmicro housecall/9.120.0.1004
- canonical/trendmicro trend micro antivirus
- version/trendmicro trend micro antivirus/9.120.0.1004