Bypass of Malware Detection in ClamAV and Sophos Anti-Virus Products
CVE-2012-1458

Currently unrated

Key Information:

Vendor

Clamav

Status
Clamav
Sophos Anti-virus
Vendor
CVE Published:
21 March 2012

What is CVE-2012-1458?

The Microsoft CHM file parser within ClamAV and Sophos Anti-Virus has a security flaw that allows attackers to evade malware detection by crafting a specific reset interval in the LZXC header of a CHM file. This vulnerability can be exploited by an attacker to bypass the security measures designed to detect malicious content in CHM files, potentially exposing users to unrecognized threats.

References

http://lists.opensuse.org/opensuse-security-announce/2012...
vendor-advisoryx_refsource_SUSE
http://www.securityfocus.com/archive/1/522005
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/52611
vdb-entryx_refsource_BID

EPSS Score

62% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.