CVE-2009-1348

Name: CVE-2009-1348
Creator: NVD / NIST
Published: 2009-04-30T20:30:00.467+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.83%

Last modified Jun 16, 2026

CVE-2009-1348 is a vulnerability of currently unknown severity. The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.. EPSS estimates a 2.83% chance of exploitation in the next 30 days.

Description

The AV engine before DAT 5600 in McAfee VirusScan, Total Protection, Internet Security, SecurityShield for Microsoft ISA Server, Security for Microsoft Sharepoint, Security for Email Servers, Email Gateway, and Active Virus Defense allows remote attackers to bypass virus detection via (1) an invalid Headflags field in a malformed RAR archive, (2) an invalid Packsize field in a malformed RAR archive, or (3) an invalid Filelength field in a malformed ZIP archive.

Metrics

EPSS Probability

2.83%

84.9th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Mcafee	Active Virus Defense	All versions
Mcafee	Active Virusscan	All versions
Mcafee	Email Gateway	All versions
Mcafee	Internet Security Suite	All versions
Mcafee	Internet Security Suite	2004
Mcafee	Internet Security Suite	2005
Mcafee	Internet Security Suite	2006
Mcafee	Internet Security Suite	2009
Mcafee	Securityshield For Email Servers	All versions
Mcafee	Securityshield For Microsoft Isa Server	All versions
Mcafee	Securityshield For Microsoft Sharepoint	All versions
Mcafee	Total Protection	2009
Mcafee	Total Protection For Endpoint	All versions
Mcafee	Virusscan Commandline	All versions
Mcafee	Virusscan Enterprise	All versions
Mcafee	Virusscan Plus	2009
Mcafee	Virusscan Usb	All versions

References

Timeline

Published: Apr 30, 2009
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2009-1348?

How severe is CVE-2009-1348?

Severity scoring for CVE-2009-1348 is pending analysis. The EPSS model estimates a 2.83% probability of exploitation in the next 30 days.

How do I fix CVE-2009-1348?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-1348?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST