CVE-2012-1453
CVE-2012-1453
Vexday Risk Score
25Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 97.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
21 mar 2012Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://osvdb.org/80482http://osvdb.org/80483http://osvdb.org/80484http://osvdb.org/80485http://osvdb.org/80486http://osvdb.org/80487http://osvdb.org/80488http://osvdb.org/80489http://www.ieee-security.org/TC/SP2012/program.htmlhttp://www.securityfocus.com/archive/1/522005http://www.securityfocus.com/bid/52621