PT-2012-3273 · Trend Micro+3 · Trend Micro Housecall+4
Published
2012-03-21
·
Updated
2012-11-06
·
CVE-2012-1448
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Quick Heal versions 11.00
Trend Micro AntiVirus version 9.120.0.1004
Ikarus Virus Utilities T3 Command Line Scanner version 1.1.97.0
Trend Micro HouseCall version 9.120.0.1004
Emsisoft Anti-Malware version 5.1.0.1
Description
The issue allows remote attackers to bypass malware detection via a CAB file with a modified
cbCabinet field. This could potentially be exploited in various products that utilize a vulnerable CAB file parser.Recommendations
For Quick Heal version 11.00, update to a version that fixes the CAB file parser issue.
For Trend Micro AntiVirus version 9.120.0.1004, update to a version that fixes the CAB file parser issue.
For Ikarus Virus Utilities T3 Command Line Scanner version 1.1.97.0, update to a version that fixes the CAB file parser issue.
For Trend Micro HouseCall version 9.120.0.1004, update to a version that fixes the CAB file parser issue.
For Emsisoft Anti-Malware version 5.1.0.1, update to a version that fixes the CAB file parser issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Emsisoft Anti-Malware
Ikarus Virus Utilities T3 Command Line Scanner
Quick Heal
Trend Micro Antivirus
Trend Micro Housecall