Antivirus Detection Bypass in Avast! Antivirus 4.8 by MZ Header
CVE-2008-5523

Currently unrated

Key Information:

Vendor

Avast

Status
Avast Antivirus
Vendor
CVE Published:
12 December 2008

What is CVE-2008-5523?

The vulnerability present in Avast! Antivirus 4.8.1281.0 arises from its inability to detect certain malware embedded in HTML documents when accessed via Internet Explorer 6 or 7. Attackers can exploit this by prefixing an MZ header, commonly associated with executable files, to manipulate the file's extension or remove it entirely. This tactic enables the malware to evade detection, allowing malicious activities to occur undetected. The exploit demonstrates that by presenting the malware with misleading file types, such as .txt or .jpg, attackers can facilitate the delivery of harmful payloads.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47435
vdb-entryx_refsource_XF
http://securityreason.com/securityalert/4723
third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/archive/1/499043/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.