Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5539

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5539
Last Modified 29 Jan 2009 01:59:26
Published 12 Dec 2008 01:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5539

Summary

RISING Antivirus 21.06.31.00 and possibly 20.61.42.00, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.

Vulnerable Systems

Application

  • Rising-global Rising Antivirus 20.61.42.00

  • Rising-global Rising Antivirus 21.06.31.00


References

XF - multiple-antivirus-mzheader-code-execution(47435)

BUGTRAQ - 20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-

BUGTRAQ - 20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass

SREASON - 4723


Last Updated: 27 May 2016 10:48:50