CVE-2012-1438

CVSS 4.3 - MEDIUM

Description

The Microsoft Office file parser in Comodo Antivirus 7425 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via an Office file with a ustar character sequence at a certain location. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different Office parser implementations.

Affected Products

2

Vendor	Product	Version
comodo	comodo_antivirus	`7425`
sophos	sophos_anti-virus	`4.61.0`

References

http://www.ieee-security.org/TC/SP2012/program.htm...

http://www.securityfocus.com/archive/1/522005

http://www.ieee-security.org/TC/SP2012/program.htm...

http://www.securityfocus.com/archive/1/522005

Weakness Types

CWE-264

CVE Information

CVE ID:: CVE-2012-1438
Published:: 2012-03-21
Modified:: 2026-04-29
CVSS Score:: 4.3
Severity:: MEDIUM
Vector:: AV:N/AC:M/Au:N/C:N/I:P/A:N

Affected Vendors

sophos comodo

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL