返回 CVE 浏览器

CVE-2008-5522

CRITICAL

9.3

CVSS Severity Score

EPSS Score0.1300%

EPSS Percentile37.42th

Published2008年12月12日

Last Modified2026年4月23日

Vulnerability Description

AVG Anti-Virus 8.0.0.161, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.

Affected Platforms (CPE)

📦

Avg

Antivirus

= 8.0.0.161

References & Advisories

🔗 http://securityreason.com/securityalert/4723

🔗 http://www.securityfocus.com/archive/1/498995/100/0/threaded

🔗 http://www.securityfocus.com/archive/1/499043/100/0/threaded

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47435

🔗 http://securityreason.com/securityalert/4723

🔗 http://www.securityfocus.com/archive/1/498995/100/0/threaded

🔗 http://www.securityfocus.com/archive/1/499043/100/0/threaded

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/47435

相关漏洞威胁

CVE-2004-048710.0

A certain ActiveX control in Symantec Norton AntiVirus 2004 allows remote attackers to cause a denial of service (resource consump...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2000-079310.0

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first use...

CVE-2005-201710.0

Symantec AntiVirus 9 Corporate Edition allows local users to gain privileges via the "Scan for viruses" option, which launches a h...