V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2012-1448
CVE
Medium

The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Sca…

CVSS
4.3
Medium
EPSS
0.89
p99
Published
2012-01-01
Updated
2012-01-01
Description

The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti-Malware 5.1.0.1 allows remote attackers to bypass malware detection via a CAB file with a modified cbCabinet field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

Tags · CWE
CWE-264
Affected products
Quick_healAnti-malwareIkarus_virus_utilities_t3_command_line_scannerHousecallTrend_micro_antivirus
CVSS vector
AV:N/AC:M/Au:N/C:N/I:P/A:N
Timeline
2012-01-01
Published
2012-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: M
Medium
Authentication
Au: N
None (N)
Confidentiality Impact
C: N
None (N)
Integrity Impact
I: P
Partial
Availability Impact
A: N
None (N)
Exploit indicators
EPSS
0.890 · p99
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Trendmicro
HousecallTrend Micro Antivirus
Cat
Quick Heal
Ikarus
Ikarus Virus Utilities T3 Command Line Scanner
Emsisoft
Anti-malware
ProductVendorStatus
anti-malware*Tracked
housecall*Tracked
ikarus_virus_utilities_t3_command_line_scanner*Tracked
quick_heal*Tracked
trend_micro_antivirus*Tracked
Source databases
CVE