CRITICAL: CVE-2008-5542 (CVSS 9.3) — sunbeltsoftware vipre
CVE: CVE-2008-5542
CVSS: 9.3 (2.0) — AV:N/AC:M/Au:N/C:C/I:C/A:C
Severity: CRITICAL
Status: Critical advisory
Affected
- sunbeltsoftware vipre
- microsoft internet explorer
Summary
Sunbelt VIPRE 3.1.1832.2 and possibly 3.1.1633.1, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
Verified Sources
References
- http://securityreason.com/securityalert/4723
- http://www.securityfocus.com/archive/1/498995/100/0/threaded
- http://www.securityfocus.com/archive/1/499043/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47435
- http://securityreason.com/securityalert/4723
- http://www.securityfocus.com/archive/1/498995/100/0/threaded
- http://www.securityfocus.com/archive/1/499043/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47435
_Validated by the Lyrie Threat Intelligence Pipeline — 3 independent sources confirmed before publication. No speculation._
Lyrie Verdict
A vulnerability of this severity is exactly what Lyrie's anti-rogue-AI defense is built for: continuous, autonomous monitoring that doesn't wait for human reaction time.
Validated sources
- [1]NVD
- [2]GitHub Advisory
- [3]MITRE