CVE-2009-1784

CWE-20Improper Input Validation3 documents3 sources
Severity
10.0CRITICAL
EPSS
0.4%
top 40.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
AVG AVG Anti-virus
Timeline
PublishedMay 22
Latest updateMay 2

Description

The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus products including Anti-Virus Network Edition, Internet Security Netzwerk Edition, Server Edition für Linux/FreeBSD, Anti-Virus SBS Edition, and others allows remote attackers to bypass malware detection via a crafted (1) RAR and (2) ZIP archive.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDavg/avg_anti-virus8.0.156+10

🔴Vulnerability Details

2
GHSA
GHSA-x7h4-8fq8-wv2j: The AVG parsing engine 82022-05-02
CVEList
CVE-2009-1784: The AVG parsing engine 82009-05-22
CVE-2009-1784 (CRITICAL CVSS 10) | The AVG parsing engine 8.5 323 | cvebase.io