CAB File Parser Vulnerability in Multiple Antivirus Software

CAB File Parser Vulnerability in Multiple Antivirus Software

CVE-2012-1448 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti-Malware 5.1.0.1 allows remote attackers to bypass malware detection via a CAB file with a modified cbCabinet field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

Learn more about our Web Application Penetration Testing UK.