Description
Symantec AntiVirus (SAV) 10, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47435
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4723
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/499043/100/0/threaded
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498995/100/0/threaded
Scores
EPSS
0.0053
EPSS Percentile
67.4%
Details
CWE
CWE-20
Status
published
Products (1)
symantec/antivirus
10.0
Published
Dec 12, 2008
Tracked Since
Feb 18, 2026