Lucene search

K
cveMitreCVE-2008-5526
HistoryDec 12, 2008 - 6:30 p.m.

CVE-2008-5526

2008-12-1218:30:02
CWE-20
mitre
web.nvd.nist.gov
40
drweb anti-virus
cve-2008-5526
malware detection
internet explorer
remote attack

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0.972

Percentile

99.9%

DrWeb Anti-virus 4.44.0.09170, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka “EXE info”) at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.

Affected configurations

Nvd
Node
drwebanti-virusMatch4.44.0.09170
AND
microsoftinternet_explorerMatch6
OR
microsoftinternet_explorerMatch7
VendorProductVersionCPE
drwebanti-virus4.44.0.09170cpe:2.3:a:drweb:anti-virus:4.44.0.09170:*:*:*:*:*:*:*
microsoftinternet_explorer6cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
microsoftinternet_explorer7cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.2

Confidence

Low

EPSS

0.972

Percentile

99.9%