What is CVE-2012-1448?

CVE-2012-1448 is a vulnerability in Cat Quick_heal, classified under CWE-264. Published 2012-03-21.

Is CVE-2012-1448 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Cat Quick_heal

CVE-2012-1448

The CAB file parser in Quick Heal (aka Cat QuickHeal) 11.00, Trend Micro AntiVirus 9.120.0.1004, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Trend Micro HouseCall 9.120.0.1004, and Emsisoft Anti-Malware 5.1.0.1 allows remote a…

EPSS: 0.083 (92.4th percentile) — read the EPSS interpretation.

Affected products

Cat Quick_heal — versions 11.00
Emsisoft Anti-malware — versions 5.1.0.1
Ikarus Ikarus_virus_utilities_t3_command_line_scanner — versions 1.1.97.0
Trendmicro Housecall — versions 9.120.0.1004
Trendmicro Trend_micro_antivirus — versions 9.120.0.1004
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (mailing-list, x_refsource_BUGTRAQ)
cve@mitre.org (x_refsource_MISC)
52603 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2012-1448?: CVE-2012-1448 is a vulnerability in Cat Quick_heal, classified under CWE-264. Published 2012-03-21.
Is CVE-2012-1448 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.