CVE-2009-1348

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2009-1348
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

7.6 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html
https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT Patch Vendor Advisory
http://www.securityfocus.com/bid/34780
http://secunia.com/advisories/34949 Vendor Advisory
http://www.securityfocus.com/archive/1/503173/100/0/threaded
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mcafee:internet_security_suite:2009:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_usb:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:securityshield_for_email_servers:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_plus:2009:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:total_protection:2009:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:-:-:linux:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:-:-:sap:*:*:*:*:*
cpe:2.3:a:mcafee:total_protection_for_endpoint:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:active_virus_defense:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:securityshield_for_microsoft_sharepoint:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_commandline:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:virusscan_enterprise:-:-:storage:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:active_virusscan:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:securityshield_for_microsoft_isa_server:*:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*
cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*
Information

Published : 2009-04-30 13:30

Updated : 2018-10-10 12:36

NVD link : CVE-2009-1348

Mitre link : CVE-2009-1348

JSON object : View

CWE
CWE-20

Improper Input Validation

Advertisement

dedicated server usa
Products Affected

mcafee

  • internet_security_suite
  • active_virusscan
  • virusscan_usb
  • virusscan_commandline
  • virusscan_plus
  • active_virus_defense
  • securityshield_for_email_servers
  • virusscan_enterprise
  • securityshield_for_microsoft_sharepoint
  • email_gateway
  • securityshield_for_microsoft_isa_server
  • total_protection_for_endpoint
  • total_protection