Details of VAR-200812-0467

ID

VAR-200812-0467

CVE

CVE-2008-5531

TITLE

Fortinet Antivirus In HTML Vulnerabilities that prevent detection of malware in documents

Trust: 0.8

sources: JVNDB: JVNDB-2008-003726

DESCRIPTION

Fortinet Antivirus 3.113.0.0, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. (1) No extension (2) .txt extension (3) .jpg extension. Fortiguard Antivirus is prone to a security bypass vulnerability. Fortinet Antivirus is an anti-virus software

Trust: 1.98

sources: NVD: CVE-2008-5531 // JVNDB: JVNDB-2008-003726 // BID: 84691 // VULHUB: VHN-35656

AFFECTED PRODUCTS

vendor:	fortinet	model:	fortiguard antivirus	scope:	eq	version:	3.113.0.0	Trust: 2.7
vendor:	microsoft	model:	internet explorer	scope:	eq	version:	6 and 7	Trust: 0.8

sources: BID: 84691 // JVNDB: JVNDB-2008-003726 // CNNVD: CNNVD-200812-217 // NVD: CVE-2008-5531

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2008-5531
value:	HIGH
Trust: 1.0
NVD:	CVE-2008-5531
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200812-217
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-35656
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2008-5531
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-35656
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-35656 // JVNDB: JVNDB-2008-003726 // CNNVD: CNNVD-200812-217 // NVD: CVE-2008-5531

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-35656 // JVNDB: JVNDB-2008-003726 // NVD: CVE-2008-5531

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200812-217

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-200812-217

CONFIGURATIONS

sources: JVNDB: JVNDB-2008-003726

PATCH

title:	Top Page	url:	http://www.fortinet.com/	Trust: 0.8
title:	Top Page	url:	http://windows.microsoft.com/	Trust: 0.8

sources: JVNDB: JVNDB-2008-003726

EXTERNAL IDS

db:	NVD	id:	CVE-2008-5531	Trust: 2.8
db:	SREASON	id:	4723	Trust: 2.0
db:	XF	id:	47435	Trust: 0.9
db:	JVNDB	id:	JVNDB-2008-003726	Trust: 0.8
db:	BUGTRAQ	id:	20081209 MULTIPLE VENDOR ANTI-VIRUS SOFTWARE MALICIOUS WEBPAGE DETECTION BYPASS -UPDATE-	Trust: 0.6
db:	BUGTRAQ	id:	20081208 MULTIPLE VENDOR ANTI-VIRUS SOFTWARE MALICIOUS WEBPAGE DETECTION BYPASS	Trust: 0.6
db:	CNNVD	id:	CNNVD-200812-217	Trust: 0.6
db:	BID	id:	84691	Trust: 0.4
db:	VULHUB	id:	VHN-35656	Trust: 0.1

sources: VULHUB: VHN-35656 // BID: 84691 // JVNDB: JVNDB-2008-003726 // CNNVD: CNNVD-200812-217 // NVD: CVE-2008-5531

REFERENCES

url:	http://securityreason.com/securityalert/4723	Trust: 2.0
url:	http://www.securityfocus.com/archive/1/498995/100/0/threaded	Trust: 1.1
url:	http://www.securityfocus.com/archive/1/499043/100/0/threaded	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/47435	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/47435	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/499043/100/0/threaded	Trust: 0.9
url:	http://www.securityfocus.com/archive/1/archive/1/498995/100/0/threaded	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5531	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5531	Trust: 0.8

sources: VULHUB: VHN-35656 // BID: 84691 // JVNDB: JVNDB-2008-003726 // CNNVD: CNNVD-200812-217 // NVD: CVE-2008-5531

CREDITS

Unknown

Trust: 0.3

sources: BID: 84691

SOURCES

db:	VULHUB	id:	VHN-35656
db:	BID	id:	84691
db:	JVNDB	id:	JVNDB-2008-003726
db:	CNNVD	id:	CNNVD-200812-217
db:	NVD	id:	CVE-2008-5531

LAST UPDATE DATE

2025-04-10T22:56:47.415000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-35656	date:	2018-10-11T00:00:00
db:	BID	id:	84691	date:	2008-12-12T00:00:00
db:	JVNDB	id:	JVNDB-2008-003726	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200812-217	date:	2009-01-29T00:00:00
db:	NVD	id:	CVE-2008-5531	date:	2025-04-09T00:30:58.490

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-35656	date:	2008-12-12T00:00:00
db:	BID	id:	84691	date:	2008-12-12T00:00:00
db:	JVNDB	id:	JVNDB-2008-003726	date:	2012-06-26T00:00:00
db:	CNNVD	id:	CNNVD-200812-217	date:	2008-12-12T00:00:00
db:	NVD	id:	CVE-2008-5531	date:	2008-12-12T18:30:02.890