Malware Detection Bypass in Sophos Anti-Virus via Internet Explorer
CVE-2008-5541

Currently unrated

Key Information:

Vendor

Sophos
Status
Anti-virus
Vendor
CVE Published:
12 December 2008

What is CVE-2008-5541?

A security flaw in Sophos Anti-Virus version 4.33.0 allows remote attackers to avoid detection of malware embedded in HTML documents when using Internet Explorer 6 or 7. By inserting an MZ header at the beginning of the document and altering the file extension to either none, .txt, or .jpg, malicious code can exploit this vulnerability. This could potentially expose users to various security threats, as the antivirus software fails to identify the malicious intent of the web page.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47435
vdb-entryx_refsource_XF
http://securityreason.com/securityalert/4723
third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/archive/1/499043/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.