Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities found for network_multi-function_security by ibm
CVE-2009-1240 (GCVE-0-2009-1240)
Vulnerability from nvd – Published: 2009-04-03 18:00 – Updated: 2024-08-07 05:04
VLAI
EPSS
VEX
Summary
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/504995/100… | mailing-listx_refsource_BUGTRAQ |
| http://blog.zoller.lu/2009/04/ibm-proventia-evasi… | x_refsource_MISC |
| http://iss.custhelp.com/cgi-bin/iss.cfg/php/endus… | x_refsource_MISC |
| http://www.securityfocus.com/bid/34345 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/504987/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/502369/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/504992/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2009-04-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090716 Re: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504995/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417"
},
{
"name": "34345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34345"
},
{
"name": "20090715 Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504987/100/0/threaded"
},
{
"name": "20090402 [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502369/100/0/threaded"
},
{
"name": "20090716 Re[2]: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504992/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090716 Re: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504995/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417"
},
{
"name": "34345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34345"
},
{
"name": "20090715 Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504987/100/0/threaded"
},
{
"name": "20090402 [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502369/100/0/threaded"
},
{
"name": "20090716 Re[2]: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504992/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1240",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090716 Re: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504995/100/0/threaded"
},
{
"name": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html",
"refsource": "MISC",
"url": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html"
},
{
"name": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417",
"refsource": "MISC",
"url": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417"
},
{
"name": "34345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34345"
},
{
"name": "20090715 Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504987/100/0/threaded"
},
{
"name": "20090402 [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502369/100/0/threaded"
},
{
"name": "20090716 Re[2]: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504992/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1240",
"datePublished": "2009-04-03T18:00:00.000Z",
"dateReserved": "2009-04-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1240 (GCVE-0-2009-1240)
Vulnerability from cvelistv5 – Published: 2009-04-03 18:00 – Updated: 2024-08-07 05:04
VLAI
EPSS
VEX
Summary
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/504995/100… | mailing-listx_refsource_BUGTRAQ |
| http://blog.zoller.lu/2009/04/ibm-proventia-evasi… | x_refsource_MISC |
| http://iss.custhelp.com/cgi-bin/iss.cfg/php/endus… | x_refsource_MISC |
| http://www.securityfocus.com/bid/34345 | vdb-entryx_refsource_BID |
| http://www.securityfocus.com/archive/1/504987/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/502369/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/archive/1/504992/100… | mailing-listx_refsource_BUGTRAQ |
Date Public
2009-04-02 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090716 Re: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504995/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417"
},
{
"name": "34345",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34345"
},
{
"name": "20090715 Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504987/100/0/threaded"
},
{
"name": "20090402 [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502369/100/0/threaded"
},
{
"name": "20090716 Re[2]: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504992/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090716 Re: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504995/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417"
},
{
"name": "34345",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34345"
},
{
"name": "20090715 Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504987/100/0/threaded"
},
{
"name": "20090402 [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502369/100/0/threaded"
},
{
"name": "20090716 Re[2]: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504992/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1240",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090716 Re: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504995/100/0/threaded"
},
{
"name": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html",
"refsource": "MISC",
"url": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html"
},
{
"name": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417",
"refsource": "MISC",
"url": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417"
},
{
"name": "34345",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34345"
},
{
"name": "20090715 Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504987/100/0/threaded"
},
{
"name": "20090402 [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502369/100/0/threaded"
},
{
"name": "20090716 Re[2]: Update: [TZO-06-2009] IBM Proventia - Generic bypass (Limited disclosure - see details)",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504992/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1240",
"datePublished": "2009-04-03T18:00:00.000Z",
"dateReserved": "2009-04-03T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:49.387Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}