{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-30T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT"}, {"name": "34949", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/34949"}, {"name": "34780", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/34780"}, {"tags": ["x_refsource_MISC"], "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1348", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT"}, {"name": "34949", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34949"}, {"name": "34780", "refsource": "BID", "url": "http://www.securityfocus.com/bid/34780"}, {"name": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html", "refsource": "MISC", "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:13:24.691Z"}, "title": "CVE Program Container", "references": [{"name": "20090501 [TZO-18-2009] Mcafee multiple evasions/bypasses (RAR, ZIP)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT"}, {"name": "34949", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/34949"}, {"name": "34780", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/34780"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1348", "datePublished": "2009-04-30T20:00:00.000Z", "dateReserved": "2009-04-20T00:00:00.000Z", "dateUpdated": "2024-08-07T05:13:24.691Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:active_virus_defense:*:*:*:*:*:*:*:*", "matchCriteriaId": "55875615-29A3-4092-975C-60E9C8FAB03E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:active_virusscan:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A14000E-6A4C-474B-A92B-473A0EB0C533", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "35188DE1-99A4-42B1-81C3-E2ECBD589605", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7C68CA8-9525-4FBA-A873-F17524D3F595", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*", "matchCriteriaId": "CB0A7659-25FF-4E18-B2BA-34F6FD6410F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*", "matchCriteriaId": "1C22BB62-9790-4D89-B1B4-D5E0F4FFB3C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*", "matchCriteriaId": "7E69BB96-F48B-43DA-BA7B-530E5148CCC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:internet_security_suite:2009:*:*:*:*:*:*:*", "matchCriteriaId": "B978BD2B-D454-49BB-81A4-EABA14E75600", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:securityshield_for_email_servers:*:*:*:*:*:*:*:*", "matchCriteriaId": "AC106925-640E-4318-BDED-A9F904961AE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:securityshield_for_microsoft_isa_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "53275048-EE57-4204-86FA-BC6B8D5D614F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:securityshield_for_microsoft_sharepoint:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E7A0A32-C1B6-465D-ABB3-156C570A0E5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:total_protection:2009:*:*:*:*:*:*:*", "matchCriteriaId": "B3C7EE0B-F166-478E-B800-B4D429B26F93", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:total_protection_for_endpoint:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CD4E524-C466-4FB5-92FD-7EDAEEAE1F6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan_commandline:*:*:*:*:*:*:*:*", "matchCriteriaId": "F1FAB752-311E-4594-AE25-34BD02844578", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0BCC0FD-E09A-495A-926A-FE080BE46A20", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:linux:*:*:*:*:*", "matchCriteriaId": "316D3C1B-D7E4-4FA9-B5CD-72D18BE775EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:sap:*:*:*:*:*", "matchCriteriaId": "C64CDC92-E9CD-446A-9ADE-B10A28E20A3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:-:-:storage:*:*:*:*:*", "matchCriteriaId": "019C46AA-7537-4930-BDC8-8EA0F6C5A216", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan_plus:2009:*:*:*:*:*:*:*", "matchCriteriaId": "2B4CF979-7A55-4712-9B48-D885B746B62F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:virusscan_usb:*:*:*:*:*:*:*:*", "matchCriteriaId": "42D0FC30-BAA5-4677-A3E5-C7A6DEB8BE0E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive."}, {"lang": "es", "value": "El AV engine antes de DAT 5600 en McAfee VirusScan, Total Protection, Internet Security, SecurityShield para Microsoft ISA Server, Security para Microsoft Sharepoint, Security para Email Servers, Email Gateway, y Active Virus Defense permite a atacantes remotos eludir la detecci\u00f3n de virus a trav\u00e9s de (1) un campo Headflags inv\u00e1lido de un archivo RAR malformado, (2) un campo Packsize inv\u00e1lido de un archivo RAR malformado, o (3) un campo Filelength de un archivo ZIP malformado."}], "id": "CVE-2009-1348", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2009-04-30T20:30:00.467", "references": [{"source": "cve@mitre.org", "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34949"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/34780"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/34949"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/503173/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/34780"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10001&actp=LIST_RECENT"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}