Unrated severityNVD Advisory· Published Apr 30, 2009· Updated Apr 23, 2026

CVE-2009-1348

Description

The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

Affected products

McAfee/Active Virus Defense
cpe:2.3:a:mcafee:active_virus_defense:*:*:*:*:*:*:*:*
McAfee/Active Virusscan
cpe:2.3:a:mcafee:active_virusscan:*:*:*:*:*:*:*:*
McAfee/Email Gateway
cpe:2.3:a:mcafee:email_gateway:*:*:*:*:*:*:*:*
McAfee/Internet Security Suite5 versions
cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:mcafee:internet_security_suite:*:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:internet_security_suite:2004:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:internet_security_suite:2005:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:internet_security_suite:2006:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:internet_security_suite:2009:*:*:*:*:*:*:*
McAfee/Securityshield For Email Servers
cpe:2.3:a:mcafee:securityshield_for_email_servers:*:*:*:*:*:*:*:*
McAfee/Securityshield For Microsoft Isa Server
cpe:2.3:a:mcafee:securityshield_for_microsoft_isa_server:*:*:*:*:*:*:*:*
McAfee/Securityshield For Microsoft Sharepoint
cpe:2.3:a:mcafee:securityshield_for_microsoft_sharepoint:*:*:*:*:*:*:*:*
McAfee/Total Protection
cpe:2.3:a:mcafee:total_protection:2009:*:*:*:*:*:*:*
McAfee/Total Protection For Endpoint
cpe:2.3:a:mcafee:total_protection_for_endpoint:*:*:*:*:*:*:*:*
McAfee/Virusscan Commandline
cpe:2.3:a:mcafee:virusscan_commandline:*:*:*:*:*:*:*:*
McAfee/Virusscan Enterprise4 versions
cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*
- cpe:2.3:a:mcafee:virusscan_enterprise:-:-:linux:*:*:*:*:*
- cpe:2.3:a:mcafee:virusscan_enterprise:-:-:sap:*:*:*:*:*
- cpe:2.3:a:mcafee:virusscan_enterprise:-:-:storage:*:*:*:*:*
McAfee/Virusscan Plus
cpe:2.3:a:mcafee:virusscan_plus:2009:*:*:*:*:*:*:*
McAfee/Virusscan Usb
cpe:2.3:a:mcafee:virusscan_usb:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kc.mcafee.com/corporate/indexnvdPatchVendor Advisory
secunia.com/advisories/34949nvdVendor Advisory
blog.zoller.lu/2009/04/mcafee-multiple-bypassesevasions-ziprar.htmlnvd
www.securityfocus.com/archive/1/503173/100/0/threadednvd
www.securityfocus.com/bid/34780nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000