Lucene search

[email protected]CVE-2009-1783

HistoryMay 22, 2009 - 8:30 p.m.

CVE-2009-1783

2009-05-2220:30:00

CWE-20

[email protected]

web.nvd.nist.gov

frisk software

f-prot

antivirus

malware detection

bypass

cab archive

security vulnerability

cve-2009-1783

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.2%

JSON

Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.

CPENameOperatorVersion
f-prot:f-prot_antivirusf-prot f-prot antiviruseq*
f-prot:f-prot_milterf-prot f-prot miltereq*
f-prot:f-prot_avesf-prot f-prot aveseq*

CPE	Name	Operator	Version
f-prot:f-prot_antivirus	f-prot f-prot antivirus	eq	*
f-prot:f-prot_milter	f-prot f-prot milter	eq	*
f-prot:f-prot_aves	f-prot f-prot aves	eq	*

References

blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html

www.securityfocus.com/archive/1/503393/100/0/threaded

www.securityfocus.com/bid/34896

exchange.xforce.ibmcloud.com/vulnerabilities/50427

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for CVE-2009-1783

cvelist1 openvas4 prion1