Vulnerabilites related to f-prot - f-prot_milter
CVE-2009-1783 (GCVE-0-2009-1783)
Vulnerability from cvelistv5
Published
2009-05-22 20:00
Modified
2024-08-07 05:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:27:54.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"name": "34896",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34896"
},
{
"name": "20090509 [TZO-21-2009] Fprot CAB bypass / evasion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"name": "fprot-cab-security-bypass(50427)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"name": "34896",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34896"
},
{
"name": "20090509 [TZO-21-2009] Fprot CAB bypass / evasion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"name": "fprot-cab-security-bypass(50427)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html",
"refsource": "MISC",
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"name": "34896",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34896"
},
{
"name": "20090509 [TZO-21-2009] Fprot CAB bypass / evasion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"name": "fprot-cab-security-bypass(50427)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1783",
"datePublished": "2009-05-22T20:00:00",
"dateReserved": "2009-05-22T00:00:00",
"dateUpdated": "2024-08-07T05:27:54.129Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2009-05-22 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_antivirus | * | |
| f-prot | f-prot_aves | * | |
| f-prot | f-prot_milter | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:exchange:*:*:*:*:*:*",
"matchCriteriaId": "E235C40F-068D-4529-910B-DFFC78D3E8B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_on_ibm_zseries:*:*:*:*:*:*",
"matchCriteriaId": "EEF8C31A-2B41-41F2-91A3-2F16DE5B4119",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_x86_file_servers:*:*:*:*:*:*",
"matchCriteriaId": "44F21EE4-5335-41D0-AB4B-CA36137772F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_x86_mail_servers:*:*:*:*:*:*",
"matchCriteriaId": "EC65F491-E7B3-405F-B734-6AB4DA175735",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:linux_x86_workstations:*:*:*:*:*:*",
"matchCriteriaId": "5B4C47DB-7B40-4322-B41C-16F7FFC888BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:solaris_mail_servers:*:*:*:*:*:*",
"matchCriteriaId": "866B0D8C-6F5E-48A0-B891-C41B2A33DD15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:windows:*:*:*:*:*:*",
"matchCriteriaId": "BCAF39F4-835D-4BAF-ACE3-3C39625EBBFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_antivirus:*:windows_mail_servers:*:*:*:*:*:*",
"matchCriteriaId": "8AE486C5-CCE9-49EF-B8A3-FEF0BB0137AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_aves:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C33C37C9-BC92-4BB4-AF0C-264384A63190",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:f-prot:f-prot_milter:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6D5B56C-C89D-42B4-BEB9-297C1DC0497B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attackers to bypass malware detection via a crafted CAB archive."
},
{
"lang": "es",
"value": "M\u00faltiples productos antivirus FRISK Software F-Prot, incluidos: Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows y otros, permiten a atacantes remotos saltar la detecci\u00f3n de software malicioso mediante un fichero .CAB manipulado."
}
],
"id": "CVE-2009-1783",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-05-22T20:30:00.907",
"references": [
{
"source": "cve@mitre.org",
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34896"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://blog.zoller.lu/2009/04/advisory-f-prot-frisk-cab-bypass.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/503393/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50427"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}