CVE-2009-1348
Severity Score
4.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
El AV engine antes de DAT 5600 en McAfee VirusScan, Total Protection, Internet Security, SecurityShield para Microsoft ISA Server, Security para Microsoft Sharepoint, Security para Email Servers, Email Gateway, y Active Virus Defense permite a atacantes remotos eludir la detección de virus a través de (1) un campo Headflags inválido de un archivo RAR malformado, (2) un campo Packsize inválido de un archivo RAR malformado, o (3) un campo Filelength de un archivo ZIP malformado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2009-04-20 CVE Reserved
- 2009-04-30 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html | X_refsource_misc | |
| http://www.securityfocus.com/archive/1/503173/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/34780 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT | 2018-10-10 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/34949 | 2018-10-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mcafee Search vendor "Mcafee" | Active Virus Defense Search vendor "Mcafee" for product "Active Virus Defense" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Active Virusscan Search vendor "Mcafee" for product "Active Virusscan" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Email Gateway Search vendor "Mcafee" for product "Email Gateway" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Internet Security Suite Search vendor "Mcafee" for product "Internet Security Suite" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Internet Security Suite Search vendor "Mcafee" for product "Internet Security Suite" | 2004 Search vendor "Mcafee" for product "Internet Security Suite" and version "2004" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Internet Security Suite Search vendor "Mcafee" for product "Internet Security Suite" | 2005 Search vendor "Mcafee" for product "Internet Security Suite" and version "2005" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Internet Security Suite Search vendor "Mcafee" for product "Internet Security Suite" | 2006 Search vendor "Mcafee" for product "Internet Security Suite" and version "2006" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Internet Security Suite Search vendor "Mcafee" for product "Internet Security Suite" | 2009 Search vendor "Mcafee" for product "Internet Security Suite" and version "2009" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Securityshield For Email Servers Search vendor "Mcafee" for product "Securityshield For Email Servers" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Securityshield For Microsoft Isa Server Search vendor "Mcafee" for product "Securityshield For Microsoft Isa Server" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Securityshield For Microsoft Sharepoint Search vendor "Mcafee" for product "Securityshield For Microsoft Sharepoint" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Total Protection Search vendor "Mcafee" for product "Total Protection" | 2009 Search vendor "Mcafee" for product "Total Protection" and version "2009" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Total Protection For Endpoint Search vendor "Mcafee" for product "Total Protection For Endpoint" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Virusscan Commandline Search vendor "Mcafee" for product "Virusscan Commandline" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Virusscan Enterprise Search vendor "Mcafee" for product "Virusscan Enterprise" | * | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Virusscan Enterprise Search vendor "Mcafee" for product "Virusscan Enterprise" | - | linux |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Virusscan Enterprise Search vendor "Mcafee" for product "Virusscan Enterprise" | - | sap |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Virusscan Enterprise Search vendor "Mcafee" for product "Virusscan Enterprise" | - | storage |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Virusscan Plus Search vendor "Mcafee" for product "Virusscan Plus" | 2009 Search vendor "Mcafee" for product "Virusscan Plus" and version "2009" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Virusscan Usb Search vendor "Mcafee" for product "Virusscan Usb" | * | - |
Affected
| ||||||