Quick Heal
CVE-2012-1452
MEDIUM
Severity by source
AV:N/AC:M/Au:N/C:N/I:P/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:M/Au:N/C:N/I:P/A:N
Lifecycle Timeline
1DescriptionCVE.org
The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a CAB file with a modified reserved1 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.
AnalysisAI
The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-264. The CAB file parser in Emsisoft Anti-Malware 5.1.0.1, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a CAB file with a modified reserved1 field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations. Affected products include: Cat Quick Heal, Emsisoft Anti-Malware, Ikarus Ikarus Virus Utilities T3 Command Line Scanner.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Quick Heal
View allThe TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7,
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Emsis
The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast!. Rated medium severity (CVSS 4.3), t
The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVir
The TAR file parser in AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickHeal) 11.00, Comodo Antivirus 7424, Emsisoft
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Command Antivirus 5.2.11.5, F-Prot Antivirus 4.6.2.117, For
The ZIP file parser in AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, Quick Heal (aka Cat QuickH
The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allo
The TAR file parser in Quick Heal (aka Cat QuickHeal) 11.00, Norman Antivirus 6.06.12, and Sophos Anti-Virus 4.61.0 allo
The TAR file parser in Antiy Labs AVL SDK 2.0.3.7, Quick Heal (aka Cat QuickHeal) 11.00, Jiangmin Antivirus 13.0.900, No
The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gate
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today