Lucene search

K
cve[email protected]CVE-2012-1451
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-1451

2022-10-0316:15:26
CWE-264
web.nvd.nist.gov
18
cve-2012-1451
cab file
parser
vulnerability
emsisoft anti-malware
ikarus virus utilities
remote attackers
malware detection

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.938 High

EPSS

Percentile

99.1%

The CAB file parser in Emsisoft Anti-Malware 5.1.0.1 and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved2 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

Affected configurations

NVD
Node
emsisoftanti-malwareMatch5.1.0.1
OR
ikarusikarus_virus_utilities_t3_command_line_scannerMatch1.1.97.0

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.938 High

EPSS

Percentile

99.1%

Related for CVE-2012-1451