CVE-2012-1458
Description
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.
Risk Information
Base Score
5.5
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS Score
Exploitation Probability
8.119
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Clamav 0.96.4 | Windows |
| Anti-virus utility for Unix (USN-1482-1) clamav_0.98.7+dfsg-0ubuntu0.12.04.1_i386.deb | Linux |
| Anti-virus utility for Unix (USN-1482-1) clamav_0.98.7+dfsg-0ubuntu0.12.04.1_amd64.deb | Linux |
| Anti-virus utility for Unix (USN-1482-1) libclamav6_0.98.7+dfsg-0ubuntu0.12.04.1_i386.deb | Linux |
| Anti-virus utility for Unix (USN-1482-1) libclamav6_0.98.7+dfsg-0ubuntu0.12.04.1_amd64.deb | Linux |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-341177 | ClamAV (0.103.12) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234