CAB File Parser Vulnerability in Multiple Antivirus Software

CAB File Parser Vulnerability in Multiple Antivirus Software

CVE-2012-1450 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Sophos Anti-Virus 4.61.0, and Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0 allows remote attackers to bypass malware detection via a CAB file with a modified reserved3 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

Learn more about our Cis Benchmark Audit For Sophos.