File Parsing Vulnerability in Comodo Antivirus and Sophos Anti-Virus
CVE-2012-1438

Currently unrated

Key Information:

Vendor: Sophos
Status: Sophos Anti-virus; Comodo Antivirus
Vendor: CVE Published:; 21 March 2012

Summary

A file parsing vulnerability exists in Comodo Antivirus and Sophos Anti-Virus that allows remote attackers to circumvent malware detection mechanisms. Attackers can exploit this flaw by using an Office file containing a specific ustar character sequence positioned at a strategic location. This results in the potential for malicious files to be undetected by the antivirus products, placing users at risk. Note that further discoveries may lead to a reclassification into multiple vulnerabilities should additional details surface about File parsers within various Office applications.

References

http://www.securityfocus.com/archive/1/522005

mailing-listx_refsource_BUGTRAQ

http://www.ieee-security.org/TC/SP2012/program.html

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Mar 21, 2012