Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1438


Vulnerability Score 4.3 4.3
CVE Id CVE-2012-1438
Last Modified 27 Mar 2012 12:00:00
Published 21 Mar 2012 06:11:47
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.

Vulnerable Systems


  • Comodo Antivirus 7425

  • Sophos Anti-virus 4.61.0


BUGTRAQ - 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products


Last Updated: 27 May 2016 10:42:31