CVE-2009-1348

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-1348
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

7.6 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html
http://secunia.com/advisories/34949 Vendor Advisory
http://www.securityfocus.com/archive/1/503173/100/0/threaded
http://www.securityfocus.com/bid/34780
https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:active_virus_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:active_virusscan:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2009:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:securityshield_for_email_servers:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:securityshield_for_microsoft_isa_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:securityshield_for_microsoft_sharepoint:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:total_protection:2009:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:total_protection_for_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_commandline:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:-:-:linux:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:-:-:sap:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:-:-:storage:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_plus:2009:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_usb:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2009-04-30 20:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-1348

Mitre link : CVE-2009-1348

CVE.ORG link : CVE-2009-1348

JSON object : View

Products Affected

mcafee

  • email_gateway
  • total_protection
  • virusscan_commandline
  • active_virusscan
  • securityshield_for_microsoft_isa_server
  • virusscan_usb
  • virusscan_enterprise
  • securityshield_for_email_servers
  • total_protection_for_endpoint
  • active_virus_defense
  • virusscan_plus
  • securityshield_for_microsoft_sharepoint
  • internet_security_suite
CWE
CWE-20

Improper Input Validation