CVE-2009-1348
published 2009-04-30CVE-2009-1348: The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft…
PriorityP434high7.6CVSS 2.0
AVNACHAuNCCICAC
EPSS
2.83%
84.9th percentile
The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mcafee | internet_security_suite | — | — |
| mcafee | internet_security_suite | — | — |
| mcafee | internet_security_suite | — | — |
| mcafee | internet_security_suite | — | — |
| mcafee | total_protection | — | — |
| mcafee | virusscan_plus | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.htmlhttp://secunia.com/advisories/34949http://www.securityfocus.com/archive/1/503173/100/0/threadedhttp://www.securityfocus.com/bid/34780https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENThttp://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.htmlhttp://secunia.com/advisories/34949http://www.securityfocus.com/archive/1/503173/100/0/threadedhttp://www.securityfocus.com/bid/34780https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT
2009-04-30
Published