Vulnerability Details : CVE-2009-1241
Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive.
Products affected by CVE-2009-1241
- cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-1241
1.65%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-1241
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2009-1241
-
http://www.securityfocus.com/archive/1/502366/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.vupen.com/english/advisories/2009/0934
Site en constructionPermissions Required
-
http://secunia.com/advisories/36701
About Secunia Research | FlexeraThird Party Advisory
-
http://www.mandriva.com/security/advisories?name=MDVSA-2009:097
MandrivaThird Party Advisory
-
http://www.securityfocus.com/bid/34344
Third Party Advisory;VDB Entry
-
http://support.apple.com/kb/HT3865
About Security Update 2009-005 - Apple SupportThird Party Advisory
-
http://www.openwall.com/lists/oss-security/2009/04/07/6
oss-security - Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archiveMailing List;Third Party Advisory
-
http://lists.apple.com/archives/security-announce/2009/Sep/msg00004.html
Mailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
[security-announce] SUSE Security Summary Report: SUSE-SR:2009:009 - openSUSE Security Announce - openSUSE Mailing ListsMailing List;Third Party Advisory
-
http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html
Musings on Information Security and Data Privacy: ClamAV 0.94 and below - Evasion and bypass due to malformed archiveThird Party Advisory
Jump to