CVE-2012-1443

Description

The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Command Antivirus 5.2.11.5, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Emsisoft Anti-Malware 5.1.0.1, PC Tools AntiVirus 7.0.3.5, F-Prot Antivirus 4.6.2.117, VirusBuster 13.6.151.0, Fortinet Antivirus 4.2.254.0, Antiy Labs AVL SDK 2.0.3.7, K7 AntiVirus 9.77.3565, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Jiangmin Antivirus 13.0.900, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Sophos Anti-Virus 4.61.0, NOD32 Antivirus 5795, Avira AntiVir 7.11.1.163, Norman Antivirus 6.06.12, McAfee Anti-Virus Scanning Engine 5.400.0.1158, Panda Antivirus 10.0.2.7, McAfee Gateway (formerly Webwasher) 2010.1C, Trend Micro AntiVirus 9.120.0.1004, Comodo Antivirus 7424, Bitdefender 7.2, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, nProtect Anti-Virus 2011-01-17.01, AhnLab V3 Internet Security 2011.01.18.00, AVG Anti-Virus 10.0.0.1190, avast! Antivirus 4.8.1351.0 and 5.0.677.0, and VBA32 3.12.14.2 allows user-assisted remote attackers to bypass malware detection via a RAR file with an initial MZ character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different RAR parser implementations.

Category

4.3
CVSS
Severity: Medium
CVSS 2.0 •
EPSS 56.55% Top 5%
Affected: n/a n/a
Published at:
Updated at:

References

Link Tags
http://osvdb.org/80472 vdb entry
http://www.securityfocus.com/archive/1/522005 mailing list
http://www.securityfocus.com/bid/52612 vdb entry
http://osvdb.org/80467 vdb entry
http://osvdb.org/80461 vdb entry
http://osvdb.org/80470 vdb entry
http://osvdb.org/80460 vdb entry
http://www.ieee-security.org/TC/SP2012/program.html
http://osvdb.org/80468 vdb entry
http://osvdb.org/80456 vdb entry
http://osvdb.org/80457 vdb entry
http://osvdb.org/80458 vdb entry
http://osvdb.org/80454 vdb entry
http://osvdb.org/80455 vdb entry
http://osvdb.org/80459 vdb entry
http://osvdb.org/80469 vdb entry
http://osvdb.org/80471 vdb entry

Frequently Asked Questions

What is the severity of CVE-2012-1443?
CVE-2012-1443 has been scored as a medium severity vulnerability.
How to fix CVE-2012-1443?
To fix CVE-2012-1443, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2012-1443 being actively exploited in the wild?
It is possible that CVE-2012-1443 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~57% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.