Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5548

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-5548
Last Modified 09 Jun 2009 12:00:00
Published 12 Dec 2008 01:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-5548

Summary

VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.

Vulnerable Systems

Application

  • Virusbuster 4.5.11.0


References

XF - multiple-antivirus-mzheader-code-execution(47435)

BUGTRAQ - 20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-

BUGTRAQ - 20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass

SREASON - 4723


Last Updated: 27 May 2016 10:48:50