PT-2009-3878 · Mcafee · Mcafee Securityshield For Microsoft Isa Server+7

Thierry Zoller

·

Published

2009-04-30

·

Updated

2018-10-10

·

CVE-2009-1348

CVSS v2.0

7.6

High

VectorAV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions McAfee VirusScan versions prior to DAT 5600 McAfee Total Protection versions prior to DAT 5600 McAfee Internet Security versions prior to DAT 5600 McAfee SecurityShield for Microsoft ISA Server versions prior to DAT 5600 McAfee Security for Microsoft Sharepoint versions prior to DAT 5600 McAfee Security for Email Servers versions prior to DAT 5600 McAfee Email Gateway versions prior to DAT 5600 McAfee Active Virus Defense versions prior to DAT 5600
Description The issue allows remote attackers to bypass virus detection via malformed archives, including RAR and ZIP files, by exploiting invalid fields such as Headflags in RAR archives, Packsize in RAR archives, or Filelength in ZIP archives.
Recommendations For McAfee VirusScan versions prior to DAT 5600, update to DAT 5600 or later. For McAfee Total Protection versions prior to DAT 5600, update to DAT 5600 or later. For McAfee Internet Security versions prior to DAT 5600, update to DAT 5600 or later. For McAfee SecurityShield for Microsoft ISA Server versions prior to DAT 5600, update to DAT 5600 or later. For McAfee Security for Microsoft Sharepoint versions prior to DAT 5600, update to DAT 5600 or later. For McAfee Security for Email Servers versions prior to DAT 5600, update to DAT 5600 or later. For McAfee Email Gateway versions prior to DAT 5600, update to DAT 5600 or later. For McAfee Active Virus Defense versions prior to DAT 5600, update to DAT 5600 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2009-1348

Affected Products

Mcafee Active Virus Defense
Mcafee Email Gateway
Mcafee Internet Security
Mcafee Security For Email Servers
Mcafee Security For Microsoft Sharepoint
Mcafee Securityshield For Microsoft Isa Server
Mcafee Total Protection
Mcafee Virusscan