CVE-2009-1348

Mcafee Active Virus Defense - Improper Input Validation

Title source: rule

Description

The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

References (5)

Scores

EPSS 0.0040
EPSS Percentile 60.2%

Classification

CWE
CWE-20
Status draft

Affected Products (20)

mcafee/active_virus_defense
mcafee/active_virusscan
mcafee/email_gateway
mcafee/internet_security_suite
mcafee/internet_security_suite
mcafee/internet_security_suite
mcafee/internet_security_suite
mcafee/internet_security_suite
mcafee/securityshield_for_email_servers
mcafee/securityshield_for_microsoft_isa_server
mcafee/securityshield_for_microsoft_sharepoint
mcafee/total_protection
mcafee/total_protection_for_endpoint
mcafee/virusscan_commandline
mcafee/virusscan_enterprise
... and 5 more

Timeline

Published Apr 30, 2009
Tracked Since Feb 18, 2026