File Parsing Vulnerability in Comodo Antivirus and Sophos Anti-Virus
CVE-2012-1438
Currently unrated
Summary
A file parsing vulnerability exists in Comodo Antivirus and Sophos Anti-Virus that allows remote attackers to circumvent malware detection mechanisms. Attackers can exploit this flaw by using an Office file containing a specific ustar character sequence positioned at a strategic location. This results in the potential for malicious files to be undetected by the antivirus products, placing users at risk. Note that further discoveries may lead to a reclassification into multiple vulnerabilities should additional details surface about File parsers within various Office applications.
References
Timeline
Vulnerability Reserved
Vulnerability published