CVE-2009-2543

  1. Yack CVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-2543

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

M

ultiple unspecified vulnerabilities in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allow remote attackers to bypass detection of malware via a modified (1) ZIP or (2) CAB archive, a related issue to CVE-2009-1240.

References
Link Resource
http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417
http://www.securityfocus.com/archive/1/504987/100/0/threaded
http://www.securityfocus.com/archive/1/504992/100/0/threaded
http://www.securityfocus.com/archive/1/504995/100/0/threaded
http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417
http://www.securityfocus.com/archive/1/504987/100/0/threaded
http://www.securityfocus.com/archive/1/504992/100/0/threaded
http://www.securityfocus.com/archive/1/504995/100/0/threaded
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:proventia_desktop_endpoint_security:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:proventia_network_mail_security_system:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:proventia_network_mail_security_system_vitual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:proventia_network_multi-function_security:*:*:*:*:*:*:*:*
History

21 Nov 2024, 01:05

Type Values Removed Values Added
References () http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417 - () http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417 -
References () http://www.securityfocus.com/archive/1/504987/100/0/threaded - () http://www.securityfocus.com/archive/1/504987/100/0/threaded -
References () http://www.securityfocus.com/archive/1/504992/100/0/threaded - () http://www.securityfocus.com/archive/1/504992/100/0/threaded -
References () http://www.securityfocus.com/archive/1/504995/100/0/threaded - () http://www.securityfocus.com/archive/1/504995/100/0/threaded -
Information

Published : 2009-07-20 18:30

Updated : 2025-04-09 00:30

NVD link : CVE-2009-2543

Mitre link : CVE-2009-2543

CVE.ORG link : CVE-2009-2543

JSON object : View

Products Affected

ibm

CWE
NVD-CWE-noinfo