Bypass Vulnerability in ESET NOD32 Antivirus Affecting Internet Explorer Users
CVE-2008-5534

Currently unrated

Key Information:

Vendor: Eset
Status: Nod32 Antivirus
Vendor: CVE Published:; 12 December 2008

What is CVE-2008-5534?

ESET NOD32 Antivirus versions 3662 and 3440 allow attackers to circumvent malware detection while using Internet Explorer 6 or 7. This vulnerability arises from the ability to manipulate an HTML document by adding an MZ header, which is typically associated with executable files, and renaming the file to either have no extension, a .txt extension, or a .jpg extension. This manipulation can lead to remote execution of malicious exploits, including previously known vulnerabilities.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47435

vdb-entryx_refsource_XF

http://securityreason.com/securityalert/4723

third-party-advisoryx_refsource_SREASON

http://www.securityfocus.com/archive/1/499043/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2008
Vulnerability Reserved
Dec 12, 2008

JSON

Eset

What is CVE-2008-5534?

References

Timeline