Malware Detection Bypass in ESET Smart Security Using Internet Explorer 6 and 7
CVE-2008-5527

Currently unrated

Key Information:

Vendor: Eset
Status: Smart Security
Vendor: CVE Published:; 12 December 2008

What is CVE-2008-5527?

A vulnerability in ESET Smart Security allows remote attackers to bypass malware detection when using Internet Explorer 6 or 7. By placing an MZ header at the start of an HTML document and altering the filename to exclude its extension or add inappropriate extensions like .txt or .jpg, attackers can successfully execute malicious code. This flaw poses significant risks as it enables the circumvention of security measures intended to protect users from harmful content.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47435

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/4723

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/499043/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2008
Vulnerability Reserved
Dec 12, 2008

JSON

Eset

What is CVE-2008-5527?

References

Timeline