CVE-2012-1458
Published: 21 March 2012
The Microsoft CHM file parser in ClamAV 0.96.4 and Sophos Anti-Virus 4.61.0 allows remote attackers to bypass malware detection via a crafted reset interval in the LZXC header of a CHM file. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CHM parser implementations.
Priority
Status
Package | Release | Status |
---|---|---|
clamav Launchpad, Ubuntu, Debian |
hardy |
Ignored
(end of life)
|
lucid |
Released
(0.96.5+dfsg-1ubuntu1.10.04.4)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Released
(0.97.5+dfsg-1ubuntu0.11.04.1)
|
|
oneiric |
Released
(0.97.5+dfsg-1ubuntu0.11.10.1)
|
|
precise |
Released
(0.97.5+dfsg-1ubuntu0.12.04.1)
|
|
upstream |
Released
(0.97.5)
|
|
Patches: upstream: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=a58b68f8adf2466b761ce05f74a4580c1f74fbe6 upstream: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=9d6be7c56091f012e90074122db4ec12d3516011 (related) |