Vulnerability Description
The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus products including Anti-Virus Network Edition, Internet Security Netzwerk Edition, Server Edition für Linux/FreeBSD, Anti-Virus SBS Edition, and others allows remote attackers to bypass malware detection via a crafted (1) RAR and (2) ZIP archive.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Avg | Avg Anti-Virus | <= 8.0.156 |
Related Weaknesses (CWE)
References
- http://blog.zoller.lu/2009/04/avg-zip-evasion-bypass.html
- http://www.securityfocus.com/archive/1/503392/100/0/threaded
- http://www.securityfocus.com/bid/34895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50426
- http://blog.zoller.lu/2009/04/avg-zip-evasion-bypass.html
- http://www.securityfocus.com/archive/1/503392/100/0/threaded
- http://www.securityfocus.com/bid/34895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/50426
FAQ
What is CVE-2009-1784?
CVE-2009-1784 is a vulnerability with a CVSS score of 10.0 (HIGH). The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus products including Anti-Virus Network Edition, Internet Security Netzwerk Edition, Server Edition für Linux/FreeBSD, Anti-Virus SBS E...
How severe is CVE-2009-1784?
CVE-2009-1784 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-1784?
Check the references section above for vendor advisories and patch information. Affected products include: Avg Avg Anti-Virus.