Back to CVE Browser

CVE-2009-1784

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1280%

EPSS Percentile10.99th

PublishedMay 22, 2009

Last ModifiedApr 23, 2026

Vulnerability Description

The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus products including Anti-Virus Network Edition, Internet Security Netzwerk Edition, Server Edition für Linux/FreeBSD, Anti-Virus SBS Edition, and others allows remote attackers to bypass malware detection via a crafted (1) RAR and (2) ZIP archive.

Affected Platforms (CPE)

📦

Avg

Avg Anti Virus

<= 8.0.156

📦

Avg

Avg Anti Virus

= 6.0.710

📦

Avg

Avg Anti Virus

= 7.0

📦

Avg

Avg Anti Virus

= 7.0.251

📦

Avg

Avg Anti Virus

= 7.0.323

📦

Avg

Avg Anti Virus

= 7.1.308

📦

Avg

Avg Anti Virus

= 7.1.407

📦

Avg

Avg Anti Virus

= 7.5.51

📦

Avg

Avg Anti Virus

= 7.5.448

📦

Avg

Avg Anti Virus

= 7.5.476

📦

Avg

Avg Anti Virus

= 8.0

References & Advisories

🔗 http://blog.zoller.lu/2009/04/avg-zip-evasion-bypass.html

🔗 http://www.securityfocus.com/archive/1/503392/100/0/threaded

🔗 http://www.securityfocus.com/bid/34895

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/50426

🔗 http://blog.zoller.lu/2009/04/avg-zip-evasion-bypass.html

🔗 http://www.securityfocus.com/archive/1/503392/100/0/threaded

🔗 http://www.securityfocus.com/bid/34895

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/50426

Related Vulnerabilities

CVE-2006-593810.0

Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors involving an uninitialized variable and a craft...

CVE-2006-594010.0

Unspecified vulnerability in Grisoft AVG Anti-Virus before 7.1.407 has unknown impact and remote attack vectors related to "Intege...

CVE-2008-55229.3

AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML...

CVE-2006-59397.8

Grisoft AVG Anti-Virus before 7.1.407 allows remote attackers to cause a denial of service (crash) via a crafted DOC file that tri...