Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-1348
HistoryApr 30, 2009 - 8:30 p.m.

CVE-2009-1348

2009-04-3020:30:00
CWE-20
[email protected]
web.nvd.nist.gov
24
mcafee
virusscan
total protection
internet security
securityshield
av engine bypass
vulnerability
nvd
cve-2009-1348

6.7 Medium

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.8%

JSON

The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

Affected configurations

NVD
Node
mcafeeactive_virus_defense
OR
mcafeeactive_virusscan
OR
mcafeeemail_gateway
OR
mcafeeinternet_security_suite
OR
mcafeeinternet_security_suiteMatch2004
OR
mcafeeinternet_security_suiteMatch2005
OR
mcafeeinternet_security_suiteMatch2006
OR
mcafeeinternet_security_suiteMatch2009
OR
mcafeesecurityshield_for_email_servers
OR
mcafeesecurityshield_for_microsoft_isa_server
OR
mcafeesecurityshield_for_microsoft_sharepoint
OR
mcafeetotal_protectionMatch2009
OR
mcafeetotal_protection_for_endpoint
OR
mcafeevirusscan_commandline
OR
mcafeevirusscan_enterprise
OR
mcafeevirusscan_enterpriseMatch--linux
OR
mcafeevirusscan_enterpriseMatch--sap
OR
mcafeevirusscan_enterpriseMatch--storage
OR
mcafeevirusscan_plusMatch2009
OR
mcafeevirusscan_usb

Related

openvas 4
nvd 1
cvelist 1
prion 1
nessus 1
openvas
openvas
McAfee Products Security Bypass Vulnerability (Windows)
2009-05-26 00:00:00
McAfee Products Security Bypass Vulnerability (Linux)
2009-05-26 00:00:00
McAfee Products Security Bypass Vulnerability (SB10001) - Windows
2009-05-26 00:00:00
nvd
nvd
CVE-2009-1348
2009-04-30 20:30:00
cvelist
cvelist
CVE-2009-1348
2009-04-30 20:00:00
prion
prion
Authentication flaw
2009-04-30 20:30:00
nessus
nessus
McAfee Antivirus ZIP / RAR Scan Evasion
2009-05-01 00:00:00

6.7 Medium

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.8%

JSON
Related for CVE-2009-1348
openvas4nvd1cvelist1prion1nessus1