{ "id": "CVE-2009-1782", "sourceIdentifier": "cve@mitre.org", "published": "2009-05-22T20:30:00.877", "lastModified": "2017-08-17T01:30:30.317", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Multiple F-Secure anti-virus products, including Anti-Virus for Microsoft Exchange 7.10 and earlier; Internet Gatekeeper for Windows 6.61 and earlier, Windows 6.61 and earlier, and Linux 2.16 and earlier; Internet Security 2009 and earlier, Anti-Virus 2009 and earlier, Client Security 8.0 and earlier, and others; allow remote attackers to bypass malware detection via a crafted (1) ZIP and (2) RAR archive." }, { "lang": "es", "value": "M\u00faltiples productos antivirus F-Secure, incluidos: Anti-Virus for Microsoft Exchange v7.10 y anteriores; Internet Gatekeeper for Windows v6.61 y anteriores, Windows v6.61 y anteriores, y Linux v2.16 y anteriores; Internet Security 2009 y anteriores, Anti-Virus 2009 y anteriores, Client Security v8.0 y anteriores y otros; permiten a atacantes remotos saltar la detecci\u00f3n de software malicioso mediante archivos (1) .ZIP y (2) .RAR manipulados." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:linux_servers:*:*:*:*:*", "versionEndIncluding": "4.65", "matchCriteriaId": "5AE96CC9-08DC-49F0-94C4-89810D8BFE01" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:inux_client_security:*:*:*:*:*", "versionEndIncluding": "5.54", "matchCriteriaId": "8651DBB2-EC4B-474E-8431-CD7252AC4862" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:linux_server_security:*:*:*:*:*", "versionEndIncluding": "5.54", "matchCriteriaId": "BD9FDABD-6F42-47E3-8424-559D5DD46EF3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:mime_sweeper:*:*:*:*:*", "versionEndIncluding": "5.61", "matchCriteriaId": "2012AC4D-0F75-4389-9165-28930368AE4D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:microsoft_exchange:*:*:*:*:*", "versionEndIncluding": "6.62", "matchCriteriaId": "AB4ED58A-B715-467B-A463-FB0BA3653FA2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:citrix_servers:*:*:*:*:*", "versionEndIncluding": "7.00", "matchCriteriaId": "863CFFAF-FD5B-4150-A063-CB2851D689BF" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:microsoft_exchange:*:*:*:*:*", "versionEndIncluding": "7.0", "matchCriteriaId": "29A9B0A7-FFB2-460B-8BCB-1C7D9DD55A15" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:microsoft_exchange:*:*:*:*:*", "versionEndIncluding": "7.10", "matchCriteriaId": "EC9E56D7-C642-46FB-8425-A3A7F22B62D2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:windows_server:*:*:*:*:*", "versionEndIncluding": "8.00", "matchCriteriaId": "E829D765-4473-4D6E-AA51-7EC44CB09A2C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:-:workstations:*:*:*:*:*", "versionEndIncluding": "8.0", "matchCriteriaId": "ECE7F2A4-E673-4B59-BAC2-B3D01AD0E1A9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:anti-virus:*:*:*:*:*:*:*:*", "versionEndIncluding": "2009", "matchCriteriaId": "732265B4-ED48-4C91-8C96-4E2A8D0DB105" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:client_security:*:*:*:*:*:*:*:*", "versionEndIncluding": "8.0", "matchCriteriaId": "0B1D2491-0097-40BA-9B35-AA0708A822BC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:home_server_security:*:*:*:*:*:*:*:*", "versionEndIncluding": "2009", "matchCriteriaId": "90F7894C-9891-4E09-BE4B-DCA045361D32" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:-:linux:*:*:*:*:*", "versionEndIncluding": "2.16", "matchCriteriaId": "A0941F91-C6FF-492B-908C-51C46D373BB9" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:-:linux_japanese:*:*:*:*:*", "versionEndIncluding": "3.01", "matchCriteriaId": "C8E837C1-A444-4573-8F8E-4488D2917BD4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:*:-:windows:*:*:*:*:*", "versionEndIncluding": "6.61", "matchCriteriaId": "06B35ABF-C401-4DF4-9935-55E797E60220" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:internet_security:*:*:*:*:*:*:*:*", "versionEndIncluding": "2009", "matchCriteriaId": "2ECC7480-20F5-453B-A417-BB2B7BD198E4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.01", "matchCriteriaId": "FD234E72-8306-4262-A12A-1B5E18B34E90" }, { "vulnerable": true, "criteria": "cpe:2.3:a:f-secure:linux_security:*:*:*:*:*:*:*:*", "versionEndIncluding": "7.02", "matchCriteriaId": "162C76E3-5AB6-4C72-A47A-F2820ED8BF46" } ] } ] } ], "references": [ { "url": "http://www.f-secure.com/en_EMEA/support/security-advisory/fsc-2009-1.html", "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ] }, { "url": "http://www.securityfocus.com/bid/34849", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1022170", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1022171", "source": "cve@mitre.org" }, { "url": "http://www.securitytracker.com/id?1022172", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2009/1262", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50346", "source": "cve@mitre.org" } ] }