Remote Malware Detection Bypass in Secure Computing Secure Web Gateway
CVE-2008-5540

Currently unrated

Key Information:

CVE Published: 12 December 2008

What is CVE-2008-5540?

Secure Computing Secure Web Gateway, particularly when used with Internet Explorer versions 6 or 7, is susceptible to a vulnerability that allows remote attackers to evade malware detection. The attacker places an MZ header at the beginning of an HTML document and disguises the file's true nature by giving it either no extension at all or a misleading extension such as .txt or .jpg. Malicious payloads hidden in such documents can then pass the gateway undetected and potentially execute, so content inspection should not rely on a file's leading bytes or its extension alone.
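A defensive check for the combination described above, as an added example that is not part of the original advisory or the vendor's code: it chooses scanners from the content itself, so an MZ prefix or a .txt/.jpg name never causes HTML inspection to be skipped. The function name `scan_plan`, the tag list, the sniff window and the sample bodies are assumptions constructed for illustration.

```python
import os
import re

# Extensions the advisory names as disguises; "" means no extension at all.
DISGUISE_EXTENSIONS = {"", ".txt", ".jpg"}

# Assumption: a small tag list is enough to recognise renderable markup;
# a production scanner would use a full HTML content sniffer.
HTML_MARKERS = re.compile(
    rb"<\s*(html|head|body|script|iframe|object|embed)\b", re.IGNORECASE
)
SNIFF_WINDOW = 64 * 1024  # bytes inspected for markup (assumed limit)


def scan_plan(filename: str, body: bytes) -> dict:
    """Decide which scanners to run on one HTTP response body."""
    ext = os.path.splitext(filename)[1].lower()
    has_mz = body[:2] == b"MZ"
    has_html = HTML_MARKERS.search(body[:SNIFF_WINDOW]) is not None

    scanners = set()
    if has_mz:
        scanners.add("executable")
    if has_html:
        scanners.add("html")  # never skipped because of the MZ prefix
    if not scanners:
        scanners.add("generic")

    # The combination from the advisory: MZ prefix in front of HTML markup.
    mz_html = has_mz and has_html
    return {
        "scanners": sorted(scanners),
        "mz_prefixed_html": mz_html,
        "disguised_extension": mz_html and ext in DISGUISE_EXTENSIONS,
    }


# Constructed sample inputs (harmless placeholders, no real payload).
SAMPLES = {
    "report.txt": b"MZ<html><body><script>/* placeholder */</script></body></html>",
    "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,
    "index.html": b"<!DOCTYPE html><html><body>hello</body></html>",
    "download": b"MZ\x90\x00" + b"\x00" * 60,
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, scan_plan(name, data))
```

A response flagged `mz_prefixed_html` is worth logging as an alert in its own right, since legitimate executables and legitimate HTML pages do not normally overlap this way.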

Timeline

  • Vulnerability published

  • Vulnerability Reserved
