Design/Logic Flaw

2012-03-2110:11:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.943 High

EPSS

Percentile

99.2%

JSON

The CAB file parser in NOD32 Antivirus 5795 and Rising Antivirus 22.83.00.03 allows remote attackers to bypass malware detection via a CAB file with a modified vMinor version field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

CPENameOperatorVersion
nod32_antiviruseq5795
rising_antiviruseq22.83.00.03

CPE	Name	Operator	Version
	nod32_antivirus	eq	5795
	rising_antivirus	eq	22.83.00.03

References

www.ieee-security.org/TC/SP2012/program.html

www.securityfocus.com/archive/1/522005

www.securityfocus.com/bid/52607