CVE-2009-1348

Currently unrated

Key Information:

Vendor: Mcafee
Status: Total Protection; Securityshield For Email Servers; Internet Security Suite; Virusscan Enterprise
Vendor: CVE Published:; 30 April 2009

Summary

The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

References

http://www.securityfocus.com/archive/1/503173/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://secunia.com/advisories/34949

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 30, 2009
Vulnerability Reserved
Apr 20, 2009