Lucene search

[email protected]NVD:CVE-2012-1438

HistoryMar 21, 2012 - 10:11 a.m.

CVE-2012-1438

2012-03-2110:11:47

CWE-264

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.293 Low

EPSS

Percentile

96.9%

JSON

The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.

Affected configurations

NVD

Node

comodocomodo_antivirusMatch7425

sophossophos_anti-virusMatch4.61.0

References

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.293 Low

EPSS

Percentile

96.9%

JSON

Related for NVD:CVE-2012-1438

cve1 cvelist1 prion1