Unrated severityNVD Advisory· Published Mar 21, 2012· Updated Apr 29, 2026

CVE-2012-1453

Description

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations.

Affected products

Antiy/Avl Sdk
cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*
Ca/Etrust Vet Antivirus
cpe:2.3:a:ca:etrust_vet_antivirus:36.1.8511:*:*:*:*:*:*:*
Drweb/Dr.web Antivirus
cpe:2.3:a:drweb:dr.web_antivirus:5.0.2.03300:*:*:*:*:*:*:*
Emsisoft/Anti Malware
cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*
Fortinet/Fortinet Antivirus
cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*
Ikarus/Ikarus Virus Utilities T3 Command Line Scanner
cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*
Kaspersky/Kaspersky Anti Virus
cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*
McAfee/Gateway
cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*
Microsoft/Security Essentials
cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*
Pandasecurity/Panda Antivirus
cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*
Rising Global/Rising Antivirus
cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*
Sophos/Anti Virus
cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*
Trend Micro/Housecall
cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*
Trend Micro/Trend Micro Antivirus
cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/80482nvd
osvdb.org/80483nvd
osvdb.org/80484nvd
osvdb.org/80485nvd
osvdb.org/80486nvd
osvdb.org/80487nvd
osvdb.org/80488nvd
osvdb.org/80489nvd
www.ieee-security.org/TC/SP2012/program.htmlnvd
www.securityfocus.com/archive/1/522005nvd
www.securityfocus.com/bid/52621nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.063
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000