CVE-2012-1458

CWE-2649 documents7 sources

Severity

4.3MEDIUM

EPSS

8.1%

top 7.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Clamav Clamav Sophos Sophos Anti-virus

Timeline

PublishedMar 21

Latest updateMay 14

Description

The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶NVDsophos/sophos_anti-virus4.61.0

▶Debianclamav< 0.97.5+dfsg-1+3

▶NVDclamav/clamav0.96.4

🔴Vulnerability Details

GHSA

GHSA-x2x7-346g-h5gv: The Microsoft CHM file parser in ClamAV 0↗2022-05-14

▶

OSV

CVE-2012-1458: The Microsoft CHM file parser in ClamAV 0↗2012-03-21

▶

CVEList

CVE-2012-1458: The Microsoft CHM file parser in ClamAV 0↗2012-03-21

▶

📋Vendor Advisories

Ubuntu

ClamAV vulnerabilities↗2012-06-19

▶

Debian

CVE-2012-1458: clamav - The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allo...↗2012

▶

💬Community

Bugzilla

CVE-2012-1458 clamav: specially-crafted CHM files evade detection↗2012-03-22

▶

Bugzilla

CVE-2012-1419 CVE-2012-1443 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 clamav various flaws [epel-all]↗2012-03-22

▶

Bugzilla

CVE-2012-1419 CVE-2012-1443 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 clamav various flaws [fedora-all]↗2012-03-22

▶