J-Security Center

Latest Attack Object Updates
  • IDP Daily Update #1545
    posted: 11/19/09
  • NSM Daily Update #1545
    posted: 11/19/09
  • Deep Inspection 5.3r5 and above, 5.4, 6.0 #1545
    posted: 11/19/09
  • Deep Inspection 5.1 and 5.2 #1435
    posted: 11/19/09
  • Deep Inspection 5.0, 5.3r4 and below #1132
    posted: 03/28/08 (04/01/08 for 5.0)
  • Antivirus
    posted: 11/19/09

Title: McAfee Products TAR and PDF Files Scan Evasion Vulnerabilities

Severity: HIGH

Description:

McAfee develops antivirus, antispyware, and firewall products.

Multiple McAfee products are prone to vulnerabilities that may allow certain files to bypass the scan engine. The vulnerability occurs because the software fails to properly inspect specially crafted 'TAR' and 'PDF' files.

Successful exploits will allow attackers to distribute files containing malicious code that the antivirus application on a gateway device will fail to detect.

Affected Products:

  • McAfee GroupShield for Exchange 2000 5
  • McAfee GroupShield for Exchange 4
  • McAfee GroupShield for Exchange 5,5 5.0.1007.1
  • McAfee GroupShield for Exchange 5.5 5.0.902.1
  • McAfee GroupShield for Exchange 5.5 5.0.964.1
  • McAfee GroupShield for Exchange 5.5.0
  • McAfee GroupShield for Exchange 6.0.0
  • McAfee GroupShield for Exchange 6.0.616.102
  • McAfee GroupShield for Lotus Domino
  • McAfee GroupShield for Lotus Domino 7
  • McAfee GroupShield for Lotus Domino on AIX 5
  • McAfee GroupShield for Lotus Domino on Windows 5
  • McAfee LinuxShield
  • McAfee LinuxShield 1
  • McAfee NetShield for Netware
  • McAfee NetShield for Netware 4
  • McAfee PortalShield for Microsoft SharePoint
  • McAfee Total Protection 2007
  • McAfee Virex
  • McAfee Virex 7.7
  • McAfee VirusScan 2004
  • McAfee VirusScan 2005
  • McAfee VirusScan 2006
  • McAfee VirusScan Enterprise
  • McAfee VirusScan Enterprise 7.1.0
  • McAfee VirusScan Enterprise 8.0.0
  • McAfee VirusScan Enterprise 8.0.0 i
  • McAfee VirusScan Enterprise 8.0.0 i patch 11
  • McAfee VirusScan Enterprise 8.0.0 i patch 12
  • McAfee VirusScan Enterprise 8.0.0 i patch 15
  • McAfee VirusScan Plus 2007

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.