Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1435


Vulnerability Score 4.3 4.3
CVE Id CVE-2012-1435
Last Modified 21 Mar 2012 12:00:00
Published 21 Mar 2012 06:11:47
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



The Microsoft EXE file parser in AhnLab V3 Internet Security 2011.01.18.00, Emsisoft Anti-Malware, eSafe, Ikarus Virus Utilities T3 Command Line Scanner, and Panda Antivirus allows remote attackers to bypass malware detection via an EXE file with a \50\4B\4C\49\54\45 character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different EXE parser implementations.

Vulnerable Systems


  • Ahnlab V3 Internet Security 2011.01.18.00

  • Aladdin Esafe

  • Emsisoft Anti-malware

  • Ikarus Virus Utilities T3 Command Line Scanner

  • Pandasecurity Panda Antivirus


BUGTRAQ - 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products


Last Updated: 27 May 2016 10:47:11