PT-2012-3283 · Sophos+2 · Sophos Anti-Virus+2

Published

2012-03-21

Updated

2024-06-15

CVE-2012-1458

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions ClamAV version 0.96.4 Sophos Anti-Virus version 4.61.0

Description The issue allows remote attackers to bypass malware detection through a crafted reset interval in the LZXC header of a CHM file.

Recommendations For ClamAV version 0.96.4, update to a newer version that contains a fix for this issue. For Sophos Anti-Virus version 4.61.0, update to a newer version that contains a fix for this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-1458

OPENSUSE-SU-2024:10571-1

Affected Products

Clamav

Sophos Anti-Virus

Suse

PT-2012-3283 · Sophos+2 · Sophos Anti-Virus+2

CVE-2012-1458

Weakness Enumeration

Related Identifiers

Affected Products

References · 29