CVE-2012-1453

CWE-2645 documents5 sources
Severity
4.3MEDIUM
EPSS
78.5%
top 0.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
14
Antiy AVL SDKCA Etrust VET AntivirusDrweb Dr.web Antivirus+11 more
Timeline
PublishedMar 21
Latest updateMay 17

Description

The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages14 packages

🔴Vulnerability Details

2
GHSA
GHSA-q3xc-hm3w-5mx3: The CAB file parser in Dr2022-05-17
CVEList
CVE-2012-1453: The CAB file parser in Dr2012-03-21

💥Exploits & PoCs

1
Exploit-DB
Joomla! 3.0.2 - 'highlight.php' PHP Object Injection2013-02-27

💬Community

1
Bugzilla
window.document needs to be [Unforgeable]2013-07-03
CVE-2012-1453 (MEDIUM CVSS 4.3) | The CAB file parser in Dr.Web 5.0.2 | cvebase.io