CVE-2009-1240
First published: Fri Apr 03 2009(Updated: )
Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Proventia Network Mail Security System Virtual Appliance | ||
| IBM Security Network Protection | ||
| IBM Proventia Network Mail Security System Firmware | ||
| IBM Proventia Desktop |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/34345
- http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html
- http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417
- http://www.securityfocus.com/archive/1/504995/100/0/threaded
- http://www.securityfocus.com/archive/1/504992/100/0/threaded
- http://www.securityfocus.com/archive/1/504987/100/0/threaded
- http://www.securityfocus.com/archive/1/502369/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2009-1240?
CVE-2009-1240 is classified as a medium severity vulnerability.
How do I fix CVE-2009-1240?
To fix CVE-2009-1240, upgrade to the latest version of the affected IBM Proventia products as recommended by IBM.
What products are affected by CVE-2009-1240?
CVE-2009-1240 affects IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, and other IBM security products.
Can CVE-2009-1240 be exploited remotely?
Yes, CVE-2009-1240 can be exploited by remote attackers.
What are the implications of CVE-2009-1240?
The implications of CVE-2009-1240 include potential unauthorized access and manipulation of affected IBM Proventia products.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ibm
- canonical/ibm proventia network mail security system virtual appliance
- canonical/ibm security network protection
- canonical/ibm proventia network mail security system firmware
- canonical/ibm proventia desktop