PT-2012-3276 · Emsisoft+1 · Emsisoft Anti-Malware+1
Published
2012-03-21
·
Updated
2012-04-13
·
CVE-2012-1451
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Emsisoft Anti-Malware version 5.1.0.1
Ikarus Virus Utilities T3 Command Line Scanner version 1.1.97.0
Description
The issue allows remote attackers to bypass malware detection. This is achieved through a CAB file with a modified reserved2 field, which is not properly handled by the CAB file parser.
Recommendations
For Emsisoft Anti-Malware version 5.1.0.1, consider updating to a newer version that addresses the CAB file parser issue.
For Ikarus Virus Utilities T3 Command Line Scanner version 1.1.97.0, consider updating to a newer version that addresses the CAB file parser issue.
As a temporary workaround, consider restricting the handling of CAB files with modified reserved2 fields to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Emsisoft Anti-Malware
Ikarus Virus Utilities T3 Command Line Scanner