Security Hero Rotating Header Image

1491 (groupshield)

CVE-2009-1491 (groupshield)

McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, which allows remote attackers to bypass virus detection via a crafted message, as demonstrated by a message with an X-Testing header and no message body.

URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1491

Leave a Reply

Your email address will not be published. Required fields are marked *