CVE

Id
35665  
CVE No.
CVE-2008-5548  
Status
Candidate  
Description
VirusBuster 4.5.11.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.  
Phase
Assigned (20081212)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
392348 35665 CVE-2008-5548 BUGTRAQ:20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass  View
392349 35665 CVE-2008-5548 URL:http://www.securityfocus.com/archive/1/archive/1/498995/100/0/threaded  View
392350 35665 CVE-2008-5548 BUGTRAQ:20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update-  View
392351 35665 CVE-2008-5548 URL:http://www.securityfocus.com/archive/1/archive/1/499043/100/0/threaded  View
392352 35665 CVE-2008-5548 SREASON:4723  View
392353 35665 CVE-2008-5548 URL:http://securityreason.com/securityalert/4723  View
392354 35665 CVE-2008-5548 XF:multiple-antivirus-mzheader-code-execution(47435)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
49845 JVNDB-2008-005155 Microsoft Internet Explorer 8 の XSS Filter における XSS 攻撃を実行される脆弱性 Microsoft Internet Explorer 8 の XSS Filter には、XSS 保護メカニズムを回避される、および XSS 攻撃を実行される脆弱性が存在します。 CVE-2008-5552 35665 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005155.html  View