File Parsing Vulnerability in Emsisoft and Sophos Anti-Virus Products
CVE-2012-1450

Currently unrated

Key Information:

Vendor

Sophos
Status
Sophos Anti-virus
Ikarus Virus Utilities T3 Command Line Scanner
Anti-malware
Vendor
CVE Published:
21 March 2012

What is CVE-2012-1450?

The vulnerability found in the CAB file parser of specific antivirus software products enables remote attackers to bypass malware detection mechanisms. By crafting a CAB file with a modified reserved3 field, attackers can exploit this flaw, allowing malicious files to evade detection and potentially execute harmful actions without alerting the user or the software. This issue highlights the importance of robust parsing mechanisms within antivirus solutions to prevent sophisticated evasion techniques.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/archive/1/522005
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/52617
vdb-entryx_refsource_BID
http://www.ieee-security.org/TC/SP2012/program.html
x_refsource_MISC

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.