cve-2009-1783
Vulnerability from cvelistv5
Published
2009-05-22 20:00
Modified
2024-08-07 05:27
Severity ?
EPSS score ?
Summary
Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"name": "34896",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34896"
},
{
"name": "20090509 [TZO-21-2009] Fprot CAB bypass / evasion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"name": "fprot-cab-security-bypass(50427)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"name": "34896",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34896"
},
{
"name": "20090509 [TZO-21-2009] Fprot CAB bypass / evasion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"name": "fprot-cab-security-bypass(50427)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html",
"refsource": "MISC",
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"name": "34896",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34896"
},
{
"name": "20090509 [TZO-21-2009] Fprot CAB bypass / evasion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"name": "fprot-cab-security-bypass(50427)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1783",
"datePublished": "2009-05-22T20:00:00",
"dateReserved": "2009-05-22T00:00:00",
"dateUpdated": "2024-08-07T05:27:54.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-1783\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-05-22T20:30:00.907\",\"lastModified\":\"2024-11-21T01:03:21.160\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples productos antivirus FRISK Software F-Prot, incluidos: Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows y otros, permiten a atacantes remotos saltar la detecci\u00f3n de software malicioso mediante un fichero .CAB manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:exchange:*:*:*:*:*:*\",\"matchCriteriaId\":\"E235C40F-068D-4529-910B-DFFC78D3E8B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_on_ibm_zseries:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEF8C31A-2B41-41F2-91A3-2F16DE5B4119\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_x86_file_servers:*:*:*:*:*:*\",\"matchCriteriaId\":\"44F21EE4-5335-41D0-AB4B-CA36137772F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_x86_mail_servers:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC65F491-E7B3-405F-B734-6AB4DA175735\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_x86_workstations:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B4C47DB-7B40-4322-B41C-16F7FFC888BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:solaris_mail_servers:*:*:*:*:*:*\",\"matchCriteriaId\":\"866B0D8C-6F5E-48A0-B891-C41B2A33DD15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:windows:*:*:*:*:*:*\",\"matchCriteriaId\":\"BCAF39F4-835D-4BAF-ACE3-3C39625EBBFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_antivirus:*:windows_mail_servers:*:*:*:*:*:*\",\"matchCriteriaId\":\"8AE486C5-CCE9-49EF-B8A3-FEF0BB0137AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_aves:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C33C37C9-BC92-4BB4-AF0C-264384A63190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:f-prot:f-prot_milter:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6D5B56C-C89D-42B4-BEB9-297C1DC0497B\"}]}]}],\"references\":[{\"url\":\"http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/503393/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/34896\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50427\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/503393/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/34896\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/50427\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.