CVE-2009-1782

Severity Score

6.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and earlier; Internet Security 2009 and earlier, Anti-Virus 2009 and earlier, Client Security 8.0 and earlier, and others; allow remote attackers to bypass malware detection via a crafted (1) ZIP and (2) RAR archive.

Múltiples productos antivirus F-Secure, incluidos: Anti-Virus for Microsoft Exchange v7.10 y anteriores; Internet Gatekeeper for Windows v6.61 y anteriores, Windows v6.61 y anteriores, y Linux v2.16 y anteriores; Internet Security 2009 y anteriores, Anti-Virus 2009 y anteriores, Client Security v8.0 y anteriores y otros; permiten a atacantes remotos saltar la detección de software malicioso mediante archivos (1) .ZIP y (2) .RAR manipulados.

*Credits: N/A

CVSS Scores

NISTv2 6.8

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-05-22 CVE Reserved
2009-05-22 CVE Published
2023-10-09 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
http://www.securityfocus.com/bid/34849	Vdb Entry
http://www.securitytracker.com/id?1022170	Vdb Entry
http://www.securitytracker.com/id?1022171	Vdb Entry
http://www.securitytracker.com/id?1022172	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/50346	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-1.html	2017-08-17

URL	Date	SRC
http://secunia.com/advisories/35008	2017-08-17
http://www.vupen.com/english/advisories/2009/1262	2017-08-17

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 4.65 Search vendor "F-secure" for product "Anti-virus" and version " <= 4.65"		linux_servers		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 5.54 Search vendor "F-secure" for product "Anti-virus" and version " <= 5.54"		inux_client_security		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 5.54 Search vendor "F-secure" for product "Anti-virus" and version " <= 5.54"		linux_server_security		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 5.61 Search vendor "F-secure" for product "Anti-virus" and version " <= 5.61"		mime_sweeper		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 6.62 Search vendor "F-secure" for product "Anti-virus" and version " <= 6.62"		microsoft_exchange		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 7.00 Search vendor "F-secure" for product "Anti-virus" and version " <= 7.00"		citrix_servers		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 7.0 Search vendor "F-secure" for product "Anti-virus" and version " <= 7.0"		microsoft_exchange		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 7.10 Search vendor "F-secure" for product "Anti-virus" and version " <= 7.10"		microsoft_exchange		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 8.00 Search vendor "F-secure" for product "Anti-virus" and version " <= 8.00"		windows_server		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 8.0 Search vendor "F-secure" for product "Anti-virus" and version " <= 8.0"		workstations		Affected
F-secure Search vendor "F-secure"		Anti-virus Search vendor "F-secure" for product "Anti-virus"				<= 2009 Search vendor "F-secure" for product "Anti-virus" and version " <= 2009"		-		Affected
F-secure Search vendor "F-secure"		Client Security Search vendor "F-secure" for product "Client Security"				<= 8.0 Search vendor "F-secure" for product "Client Security" and version " <= 8.0"		-		Affected
F-secure Search vendor "F-secure"		Home Server Security Search vendor "F-secure" for product "Home Server Security"				<= 2009 Search vendor "F-secure" for product "Home Server Security" and version " <= 2009"		-		Affected
F-secure Search vendor "F-secure"		Internet Gatekeeper Search vendor "F-secure" for product "Internet Gatekeeper"				<= 2.16 Search vendor "F-secure" for product "Internet Gatekeeper" and version " <= 2.16"		linux		Affected
F-secure Search vendor "F-secure"		Internet Gatekeeper Search vendor "F-secure" for product "Internet Gatekeeper"				<= 3.01 Search vendor "F-secure" for product "Internet Gatekeeper" and version " <= 3.01"		linux_japanese		Affected
F-secure Search vendor "F-secure"		Internet Gatekeeper Search vendor "F-secure" for product "Internet Gatekeeper"				<= 6.61 Search vendor "F-secure" for product "Internet Gatekeeper" and version " <= 6.61"		windows		Affected
F-secure Search vendor "F-secure"		Internet Security Search vendor "F-secure" for product "Internet Security"				<= 2009 Search vendor "F-secure" for product "Internet Security" and version " <= 2009"		-		Affected
F-secure Search vendor "F-secure"		Linux Security Search vendor "F-secure" for product "Linux Security"				<= 7.01 Search vendor "F-secure" for product "Linux Security" and version " <= 7.01"		-		Affected
F-secure Search vendor "F-secure"		Linux Security Search vendor "F-secure" for product "Linux Security"				<= 7.02 Search vendor "F-secure" for product "Linux Security" and version " <= 7.02"		-		Affected