CVE-2012-1438

The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.

Published: Mar 21, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-1438
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
sophos / sophos_anti-virus	4.61.0	4.61.0.x
comodo / comodo_antivirus	7425	7425.x

http://www.ieee-security.org/TC/SP2012/program.html
http://www.securityfocus.com/archive/1/522005

Vulnerability Database

289,697

CVE-2012-1438