CVE-2008-5520

Summary

CVE	CVE-2008-5520
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2008-12-12 18:30:00 UTC
Updated	2018-10-11 20:55:00 UTC
Description	AhnLab V3 2008.12.4.1 and possibly 2008.9.13.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Ahnlab	V3 Internet Security	2008.12.4.1	All	All	All
Application	Ahnlab	V3 Internet Security	2008.9.13.0	All	All	All
Application	Ahnlab	V3 Internet Security	2008.12.4.1	All	All	All
Application	Ahnlab	V3 Internet Security	2008.9.13.0	All	All	All
Application	Microsoft	Internet Explorer	6	All	All	All
Application	Microsoft	Internet Explorer	7	All	All	All
Application	Microsoft	Internet Explorer	6	All	All	All
Application	Microsoft	Internet Explorer	7	All	All	All

References

Reference	Source	Link	Tags
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Multiple Vendor Anti-Virus Software Malicious WebPage Detection Bypass - CXSecurity.com	SREASON	securityreason.com
SecurityFocus	BUGTRAQ	www.securityfocus.com
SecurityFocus	BUGTRAQ	www.securityfocus.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.