Malware Detection Bypass in AVG Anti-Virus 8.0.0.161
CVE-2008-5522

Currently unrated

Key Information:

Vendor: Avg
Status: Antivirus
Vendor: CVE Published:; 12 December 2008

What is CVE-2008-5522?

The AVG Anti-Virus 8.0.0.161 version, when used with Internet Explorer 6 or 7, is susceptible to a vulnerability that allows attackers to evade malware detection. This is achieved by embedding an MZ header, commonly recognized as 'EXE info,' at the start of HTML documents. Attackers can modify the filenames to have no extension, or have a .txt or .jpg extension, effectively masking malicious content. This exploitation method is associated with a well-known exploit (CVE-2006-5745), which raises significant concerns for users relying on this antivirus solution for protection against malware.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47435

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/4723

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/499043/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Dec 12, 2008
Vulnerability Reserved
Dec 12, 2008

Avg

What is CVE-2008-5522?

References

Timeline