| Vulnerability Name: | CVE-2008-5525 (CCN-47435) | ||||||||
| Assigned: | 2008-12-08 | ||||||||
| Published: | 2008-12-08 | ||||||||
| Updated: | 2018-10-11 | ||||||||
| Summary: | ClamAV 0.94.1 and possibly 0.93.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. | ||||||||
| CVSS v3 Severity: | 9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||
| CVSS v2 Severity: | 9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C) 8.0 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
6.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:POC/RL:U/RC:UR)
| ||||||||
| Vulnerability Type: | CWE-20 | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Mon Dec 08 2008 - 00:26:16 CST Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass Source: CCN Type: BugTraq Mailing List, Tue Dec 09 2008 - 10:34:48 CST Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update- Source: MITRE Type: CNA CVE-2008-5520 Source: MITRE Type: CNA CVE-2008-5521 Source: MITRE Type: CNA CVE-2008-5522 Source: MITRE Type: CNA CVE-2008-5523 Source: MITRE Type: CNA CVE-2008-5524 Source: MITRE Type: CNA CVE-2008-5525 Source: MITRE Type: CNA CVE-2008-5526 Source: MITRE Type: CNA CVE-2008-5527 Source: MITRE Type: CNA CVE-2008-5528 Source: MITRE Type: CNA CVE-2008-5529 Source: MITRE Type: CNA CVE-2008-5530 Source: MITRE Type: CNA CVE-2008-5531 Source: MITRE Type: CNA CVE-2008-5532 Source: MITRE Type: CNA CVE-2008-5533 Source: MITRE Type: CNA CVE-2008-5534 Source: MITRE Type: CNA CVE-2008-5535 Source: MITRE Type: CNA CVE-2008-5536 Source: MITRE Type: CNA CVE-2008-5537 Source: MITRE Type: CNA CVE-2008-5538 Source: MITRE Type: CNA CVE-2008-5539 Source: MITRE Type: CNA CVE-2008-5540 Source: MITRE Type: CNA CVE-2008-5541 Source: MITRE Type: CNA CVE-2008-5542 Source: MITRE Type: CNA CVE-2008-5543 Source: MITRE Type: CNA CVE-2008-5544 Source: MITRE Type: CNA CVE-2008-5545 Source: MITRE Type: CNA CVE-2008-5546 Source: MITRE Type: CNA CVE-2008-5547 Source: MITRE Type: CNA CVE-2008-5548 Source: SREASON Type: UNKNOWN 4723 Source: CCN Type: Trend Micro Web site Trend Micro Source: CCN Type: Kaspersky Web site Internet Security 2009 Source: CCN Type: AhnLab Web site AhnLab - Antivirus Software and Security Solutions Provider Source: CCN Type: Aladdin Web site eSafe Source: CCN Type: VirusBlokAda Web site VBA32 ANTI-VIRUS Source: CCN Type: avast! Web site avast! Source: CCN Type: AVG Web site AVG Antivirus and Security Software Source: CCN Type: CA Web site CA Source: CCN Type: ClamAV Web site ClamAV Source: CCN Type: ESET Web site ESET Smart Security Source: CCN Type: ewido Web site ewido Source: CCN Type: Fortinet Web site Fortinet Source: CCN Type: Avira AntiVir Web site Avira AntiVir Source: CCN Type: Dr.Web Web site Dr.Web Source: CCN Type: Hacksoft Web site The Hacker Software Source: CCN Type: HAURI Web site The AntiVirus Wizards of HAURI Source: CCN Type: IKARUS Web site IKARUS Security Software Source: CCN Type: K7 Computing Web site K7 Computing Source: CCN Type: Norman Web site :: NORMAN :: Antivirus | Firewall | Network security Source: CCN Type: Opera Web site Opera Browser Source: CCN Type: Panda Security Web site Antivirus, anti-spyware, anti-spam, firewall. Protect yourself with Panda Security Source: CCN Type: PC Tools Web site PC Tools AntiVirus Source: CCN Type: Prevx Web site Prevx Source: CCN Type: Quick Heal Web site Quick Heal Source: CCN Type: RISING Web site RISING - Antivirus,Firewall,Virus,Trojan,Worm Protection,Free Download Source: CCN Type: Secure Computing Web site Secure Computing Source: BUGTRAQ Type: UNKNOWN 20081208 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass Source: BUGTRAQ Type: UNKNOWN 20081209 Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass -Update- Source: CCN Type: Sunbelt Software Web site Antivirus & Antispyware Software Source: CCN Type: Symantec Web site Symantec Source: CCN Type: VirusBuster Web site VirusBuster Source: XF Type: UNKNOWN multiple-antivirus-mzheader-code-execution(47435) Source: XF Type: UNKNOWN multiple-antivirus-mzheader-code-execution(47435) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||